Firefox < 39.0.3 PDF Reader Arbitrary File Access (Mac OS X)
Medium Nessus Plugin ID 85273
SynopsisThe remote Mac OS X host contains a web browser that is affected by an arbitrary file access vulnerability.
DescriptionThe version of Firefox installed on the remote Mac OS X host is prior to 39.0.3. It is, therefore, affected by a vulnerability in the same origin policy in which an attacker can inject script code into a non-privileged part of browser's built-in PDF reader, resulting in gaining access to sensitive local files.
SolutionUpgrade to Firefox 39.0.3 or later.