USN-2707-1: Firefox vulnerability
7 August 2015
Firefox could be made to expose sensitive information from local files.
- firefox - Mozilla Open Source web browser
Cody Crews discovered a way to violate the same-origin policy to inject
script in to a non-privileged part of the PDF viewer. If a user were
tricked in to opening a specially crafted website, an attacker could
exploit this to read sensitive information from local files.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart Firefox to make
all the necessary changes.