Bas Venis

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 52.0.2743.82 Opera (affected versions not specified) **Description** The issue is related to the Proxy Auto-Config (PAC) feature, where the `net/proxy/proxy service.cc` file does not restrict URL information to a scheme, host, and port. This allows remote attackers to discover credentials by operating a server with a PAC script. **Recommendations** For Google Chrome versions prior to 52.0.2743.82, update to version 52.0.2743.82 or later to resolve the issue. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 40.0.3 Firefox ESR versions prior to 38.2.1 **Description** The issue is related to the add-on installation feature, which allows remote attackers to bypass the intended user-confirmation requirement. This can be achieved by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain point in the installation process. The vulnerability is associated with errors in security settings, enabling a remote attacker to bypass the user confirmation procedure for installing updates using specially formed data. **Recommendations** For Mozilla Firefox versions prior to 40.0.3, update to version 40.0.3 or later. For Firefox ESR versions prior to 38.2.1, update to version 38.2.1 or later.