That's not true. There have been PDF.js exploits that lead straight to RCE. This... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		_joev on Aug 7, 2015 \| parent \| context \| favorite \| on: Firefox exploit found in the wild That's not true. There have been PDF.js exploits that lead straight to RCE. This has the additional downside of leading to immediate compromise on every platform. Example (used by Mariusz Mlynski to win Pwn2Own this year): https://www.mozilla.org/en-US/security/advisories/mfsa2015-3...

_wmd on Aug 7, 2015 [–]

Thanks for the link, and bummer, too late to edit my comment.. now I'll be wrong on the Internet for perpetuity :)

shimshim on Aug 7, 2015 | [–]

join the club

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact