In the latest blog post on WeLiveSecurity.com; ESET researcher Anton Cherepanov provides an analysis of CVE-2015-4495 vulnerability in Mozilla Firefox’s PDF.js viewer. Entitled 'Firefox Under Fire: Anatomy of the Latest 0-day attack‘, the blog post offers detailed analysis of two versions of the script and share details about the associated attacks against Windows, Linux and OS X systems.
ESET Telemetry detects this vulnerability as JS/Exploit.CVE-2015-4495. After successful exploitation of the bug, it allows attackers to bypass the same-origin policy and execute remote JavaScript. The script supports both the Linux and Windows platforms.
„In majority of cases exploits are used as an infection vector for other data-stealing trojans. In this instance, the malicious script alone was able to steal sensitive files from victims’ systems,“ says Anton Cherepanov, Malware Researcher at ESET.
According to ESET, the exploit shows that the malware-writers had a deep knowledge of Firefox internals.CVE-2015-4495 is still actively used, therefore Firefox users are advised to update to the latest version immediately.
Read more about this 0-day attack on WeLiveSecurity.com.
Raphael Labaca Castro
Editor in Chief, WeLiveSecurity.com