Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Zero day exploit for PDF.Js (javascript) in Firefox versions prior to 39.0.3

by

A zero day exploit that uses the pdf .js (Java script PDF viewer) to extract data from files commonly used by developers ( such as history files for MySQL and PgSQL, and configuration files for filezilla and PSI+) is active for Firefox version 39.0.2. For that reason Firefox should be updated as soon as possible to version 39.0.3.  The exploit has been active on both Windows and Linux systems.

 

Please see the following URLs for details

http://arstechnica.com/security/2015/08/0-day-attack-on-firefox-users-stole-password-and-key-data-patch-now/

https://nakedsecurity.sophos.com/2015/08/07/firefox-zero-day-hole-used-against-windows-and-linux-to-steal-passwords/