Mozilla Firefox ESR CVE-2015-4495 Information Disclosure Vulnerability

description-logoDescription

Security researcher Cody Crews reported on a way to violate the same origin policy and inject script into a non-privileged part of the built-in PDF Viewer. This would allow an attacker to read and steal sensitive local files on the victim's computer.

affected-products-logoAffected Applications

Firefox ESR

CVE References

CVE-2015-4495