Hi, I run the site https://scriptobservatory.org, which scans the internet and keeps track of what JavaScript people are sent as they browse the internet. Could you drop me an email with a copy of the exploit script (OR a list of a few unique strings found in the exploit script)?
With that, I can search the history of what we've been sent to get a list of all webpages that this exploit has been seen on.
Email is scriptobservatory -at- gmail -dot- com or you can input it in the "Do you have a list of websites you want to be scanned regularly?" text box.
To people helping others on the internet who claim to be security professionals, remember to make sure that the person is actually trustworthy, so you're not helping criminals. Even though a_cherepanov is a new account with only this comment, I suppose their email domain makes them trustworthy enough: ESET is a Slovakian security company that's had a Wikipedia page for 5+ years.
Hi fukusa, I know a Russian website (not a news site, it is webdev oriented) that triggers some PDF error in Firefox 35 and does not do that with latest Firefox 39.0.3. I sent a bug report to owners 6 days ago (just because PDF errors on a webpage are strange) and they have not fixed it yet. Could you check this website? I can send you an URL the way you prefer.
With that, I can search the history of what we've been sent to get a list of all webpages that this exploit has been seen on.
Email is scriptobservatory -at- gmail -dot- com or you can input it in the "Do you have a list of websites you want to be scanned regularly?" text box.