all InfoSec news
A Vulnerability in Mozilla PDF.js Could Allow for Arbitrary Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered in Mozilla PDF.js could allow for arbitrary code execution. Mozilla PDF.js is a PDF viewer that is built into Mozilla Firefox and can be used by other web browsers. Exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users …
arbitrary code arbitrary code execution browsers can code code execution context exploitation firefox mozilla mozilla firefox pdf viewer vulnerability web web browsers