Sensitive Data Breach; FF displays content from a previously loaded plugin when displaying new content from within another pugin
Sensitive Data Breach.
When loading content from a plugin, such a pdf or flash, any content from previously viewed content from a plugin is flash before the new content is displayed.
In our app we show sensitive information and this represents a data breach.
This issue present across or between the same or different plugins. Silverlight - > PDF, PDF -> PDF, etc.
由 sroberts 於
所有回覆 (4)
In reviewing the steps to re-create the problem, I'm not sure I understand what's happening.
1. Load some flash content 2. Leave the Tab open or Close the tab 3. Load a pdf within the browser in another tab.
Note: Ensure Options -> Tabs -> "When I open a link in a new tab, switch to it immediately" is selected.
Note: Ensure you clear your cache so plugin content is downloaded.
The longer it takes to download the pdf the longer the sensitive data will be displayed. When the plugin fails content may be displayed indefinitely.
(I view PDFs outside the browser, so I haven't attempted to re-create the above scenario.)
Are you saying that Flash content appears where the PDF is supposed to load, or a previous PDF appears?
I assume this previously viewed data doesn't survive a shut-down and restart of Firefox. Is that correct?
Make sure that you have the latest version of your graphics display driver.
Hi jscher2000,
Yes, the content from the previously viewed plugin appears where the next plugin's content is supposed to display until the next plugins content fully loads.
Correct, previously viewed data doesn't survive a shut-down and restart of Firefox.
The content is NO-STORE.
Hi cor-el,
Thank you, I followed each option - no luck.