Critical Firefox Update Today - SANS Internet Storm Center

Critical Firefox Update Today
The good folks at Firefox have released their latest version, 39.0.3, in response to vulnerability CVE-2015-4495, which has been seen in the wild and allows an attacker to read and steal sensitive local files. The vulnerability takes advantage of the interaction between the JavaScript context separation and the PDF Viewer. The exploit works by injecting a JavaScript payload into the local file context, which allows it to search and upload local files. Mozilla products that do not contain the PDF viewer are not vulnerable, as well as Mac systems. NOTE: This exploit has been seen in the wild, and leaves no trace it has run on the local machine. The exploit description described in greater detail at the Mozilla Security website gives additional details on what files are currently being targeted. As with any updates being deployed into the enterprise, we highly recommend testing updates for impact before deployment, and ensure all configuration and change control requirements are maintained. tony d0t carothers --gmail	Tony 150 Posts ISC Handler
Reply Subscribe	Aug 7th 2015 3 years ago
Basically, if you are a web developer and use Firefox, change your passwords and ssh certificates. The exploit is targeted at people who access websites for development and maintenance.	Anonymous
Reply Quote	Aug 8th 2015 3 years ago
This bug does not only allow to read any local file, but also to (over)WRITE local files, and can thus be (ab)used to execute arbitary code, leading to RCE.	Anonymous
Reply Quote	Aug 8th 2015 3 years ago
Anyone know of which IPs/URL it's would have been hitting? Can't find anything in the write-ups that would allow admins to check.	Marquis 7 Posts
Reply Quote	Aug 10th 2015 3 years ago