Firefox < 39.0.3 PDF Reader Arbitrary File Access
Medium Nessus Plugin ID 85275
SynopsisThe remote Windows host contains a web browser that is affected by an arbitrary file access vulnerability.
DescriptionThe version of Firefox installed on the remote Windows host is prior to 39.0.3. It is, therefore, affected by a vulnerability in the same origin policy in which an attacker can inject script code into a non-privileged part of browser's built-in PDF reader, resulting in gaining access to sensitive local files.
SolutionUpgrade to Firefox 39.0.3 or later.