FireFox file stealing 0day vulnerability has been hacked“real”use, the official emergency release to fix patch-bug warning-the black bar safety net

ID MYHACK58:62201565606
Type myhack58
Reporter dawner
Modified 2015-08-11T00:00:00


In Russia a web site, the researchers found a Firefox serious 0day exploits program Exp code, you can steal Windows and Linux users on the computer file. This security event is forcing Mozilla to the official emergency release patch. Vulnerability description The vulnerability is caused by the Firefox built-in PDF reader, an attacker can steal a user's computer files affect Windows and Linux users. For Linux users, the attacker's Exp can exploit the vulnerability to upload the encrypted system password file, the bash command history file as well as the SSH configuration file and key. Hack through it also can get some other files, such as MySQL and PgSQL historical data files, remina and Filezilla as well as Psi+configuration file, the text contains“pass”and name contains“access”text file, as well as all of the shell script file. After the study found that for Windows users the Exp seems to be the developer of the relevant file to show interest, the Exp is seeking data including subversion, s3browser, the Filezilla configuration files,. purple and Psi+account data, as well as eight different well-known FTP client in the site configuration file. OS X users of the system are not found to suffer attack signs. However, this vulnerability Exp is hack hang on a Russian news site advertising promotion, because they do not exclude other sites being hung up on similar malicious program, which is likely to have for a Mac computer to attack the code. Repair recommendations Veditz in a blog post wrote,“the Exp run does not leave a trace, if you're on Windows or on Linux using vulnerability version of Firefox, it would need for the above files, passwords, key for rectification. However, if you use ad-blocking like ad-free plug-in, software filtering, perhaps you can also avoid suffering the attacks.” According to Virus Bulletin by the security researcher Martijn Grooten on Friday published a blog post called, the attacker using this vulnerability can create a malicious PDF file, and to which the injection of malicious Javascript code. The vulnerability bypasses the same-origin policy, the attacker can use it to obtain local files. Mozilla has released an emergency update to patch the vulnerability, the user needs to check the following Make sure that the update to Firefox v39. 0. 3 version or Firefox ESR 38.1.1 it.