Tantaryu Ming

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 39.0.3 Firefox ESR versions prior to 38.1.1 Firefox OS versions prior to 2.2 **Description** The issue is related to the PDF reader component in Mozilla Firefox, Firefox ESR, and Firefox OS, which lacks protection of internal data. This allows a remote attacker to bypass access control policies, read arbitrary files, and gain privileges using specially crafted JavaScript code. The vulnerability has been exploited in the wild. **Recommendations** For Mozilla Firefox versions prior to 39.0.3, update to version 39.0.3 or later. For Firefox ESR versions prior to 38.1.1, update to version 38.1.1 or later. For Firefox OS versions prior to 2.2, update to version 2.2 or later.