CVE-2013-5598 (retired)

Priority
Description
PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does
not properly handle the appending of an IFRAME element, which allows remote
attackers to read arbitrary files or execute arbitrary JavaScript code with
chrome privileges by using this element within an embedded PDF object.
Assigned-to
chrisccoulson
Package
Upstream:released (25.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (25.0+build3-0ubuntu0.13.10.1)
More Information

Updated: 2019-03-26 12:10:29 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)