7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
83.7%
Severity: Critical
Date : 2017-06-16
CVE-ID : CVE-2017-5470 CVE-2017-5471 CVE-2017-5472 CVE-2017-7749
CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754
CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7762
CVE-2017-7764 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773
CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777
CVE-2017-7778
Package : firefox
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-302
The package firefox before version 54.0-1 is vulnerable to multiple
issues including arbitrary code execution, denial of service,
information disclosure and content spoofing.
Upgrade to 54.0-1.
The problems have been fixed upstream in version 54.0.
None.
Several memory safety issues leading to arbitrary code execution have
been found in Firefox < 54.0 and Thunderbird < 52.2.
Several memory safety issues leading to arbitrary code execution have
been found in Firefox < 54.0.
A use-after-free vulnerability has been found in Firefox < 54.0 and
Thunderbird < 52.2, in the frameloader during tree reconstruction while
regenerating CSS layout when attempting to use a node in the tree that
no longer exists.
A user-after-free has been found in Firefox < 54.0 and Thunderbird <
52.2, when using an incorrect URL during the reloading of a docshell.
A use-after-free has been found in Firefox < 54.0 and Thunderbird <
52.2, during video control operations when a <track> element holds a
reference to an older window if that window has been replaced in the
DOM.
A use-after-free has been found in Firefox < 54.0 and Thunderbird <
52.2, in content viewer listeners.
A use-after-free has been found in Firefox < 54.0 and Thunderbird <
52.2, during specific user interactions with the input method editor
(IME) in some languages due to how events are handled. This results in
a potentially exploitable crash but would require specific user
interaction to trigger.
An out-of-bounds read has been found in Firefox < 54.0 and Thunderbird
< 52.2, with a maliciously crafted ImageInfo object during WebGL
operations.
A use after-free and use-after-scope vulnerability has been found in
Firefox < 54.0 and Thunderbird < 52.2, when logging errors from headers
for XML HTTP Requests (XHR).
A use after-free vulnerability has been found in Firefox < 54.0 and
Thunderbird < 52.2, in IndexedDB when one of its objects is destroyed
in memory while a method on it is still being executed.
An out-of-bounds read vulnerability has been found in Firefox < 54.0
and Thunderbird < 52.2, with the Opus encoder when the number of
channels in an audio stream changes while the encoder is in use.
A security issue has been found in Firefox < 54.0. When entered
directly, Reader Mode did not strip the username and password section
of URLs displayed in the addressbar. This can be used for spoofing the
domain of the current page.
A security issue has been found in Firefox < 54.0 and Thunderbird <
52.2, where characters from the “Canadian Syllabics” unicode block can
be mixed with characters from other unicode blocks in the addressbar
instead of being rendered as their raw “punycode” form, allowing for
domain name spoofing attacks through character confusion. The current
Unicode standard allows characters from “Aspirational Use Scripts” such
as Canadian Syllabics to be mixed with Latin characters in the
“moderately restrictive” IDN profile. Firefox and Thunderbird behavior
has been changed to match the upcoming Unicode version 10.0 which
removes this category and treats them as “Limited Use Scripts.”
An out-of-bounds read has been found in the Graphite 2 library used in
Firefox < 54.0 and Thunderbird < 52.2, in Pass::readPass.
A heap-buffer-overflow write has been found in the Graphite 2 library
used in Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress.
A heap-buffer-overflow write has been found in the Graphite 2 library
used in Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress.
An out-of-bounds read has been found in the Graphite 2 library used in
Firefox < 54.0 and Thunderbird < 52.2, in Silf::readGraphite.
An assertion failure has been found in the Graphite 2 library used in
Firefox < 54.0 and Thunderbird < 52.2.
A heap-buffer-overflow read has been found in the Graphite 2 library
used in Firefox < 54.0 and Thunderbird < 52.2, in Silf::getClassGlyph.
An use of initialized memory has been found in the Graphite 2 library
used in Firefox < 54.0 and Thunderbird < 52.2, in
GlyphCache::Loader::read_glyph.
An out-of-bounds write has been found in the Graphite 2 library used in
Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress.
A remote attacker may be able to crash Firefox, access sensitive
information, spoof content to trick the user into performing an
unwanted action and execute arbitrary code on the affected host.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5470
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5471
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5472
https://bugzilla.mozilla.org/show_bug.cgi?id=1365602
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7749
https://bugzilla.mozilla.org/show_bug.cgi?id=1355039
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7750
https://bugzilla.mozilla.org/show_bug.cgi?id=1356558
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7751
https://bugzilla.mozilla.org/show_bug.cgi?id=1363396
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7752
https://bugzilla.mozilla.org/show_bug.cgi?id=1359547
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7754
https://bugzilla.mozilla.org/show_bug.cgi?id=1357090
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7756
https://bugzilla.mozilla.org/show_bug.cgi?id=1366595
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7757
https://bugzilla.mozilla.org/show_bug.cgi?id=1356824
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7758
https://bugzilla.mozilla.org/show_bug.cgi?id=1368490
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7762
https://bugzilla.mozilla.org/show_bug.cgi?id=1358248
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7764
https://bugzilla.mozilla.org/show_bug.cgi?id=1364283
http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7778
https://bugzilla.mozilla.org/show_bug.cgi?id=1350047
https://bugzilla.mozilla.org/show_bug.cgi?id=1352745
https://bugzilla.mozilla.org/show_bug.cgi?id=1352747
https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7778
https://bugzilla.mozilla.org/show_bug.cgi?id=1355174
https://bugzilla.mozilla.org/show_bug.cgi?id=1355182
https://bugzilla.mozilla.org/show_bug.cgi?id=1356607
https://bugzilla.mozilla.org/show_bug.cgi?id=1358551
https://bugzilla.mozilla.org/show_bug.cgi?id=1349310
https://security.archlinux.org/CVE-2017-5470
https://security.archlinux.org/CVE-2017-5471
https://security.archlinux.org/CVE-2017-5472
https://security.archlinux.org/CVE-2017-7749
https://security.archlinux.org/CVE-2017-7750
https://security.archlinux.org/CVE-2017-7751
https://security.archlinux.org/CVE-2017-7752
https://security.archlinux.org/CVE-2017-7754
https://security.archlinux.org/CVE-2017-7756
https://security.archlinux.org/CVE-2017-7757
https://security.archlinux.org/CVE-2017-7758
https://security.archlinux.org/CVE-2017-7762
https://security.archlinux.org/CVE-2017-7764
https://security.archlinux.org/CVE-2017-7771
https://security.archlinux.org/CVE-2017-7772
https://security.archlinux.org/CVE-2017-7773
https://security.archlinux.org/CVE-2017-7774
https://security.archlinux.org/CVE-2017-7775
https://security.archlinux.org/CVE-2017-7776
https://security.archlinux.org/CVE-2017-7777
https://security.archlinux.org/CVE-2017-7778
www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts
bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692
bugzilla.mozilla.org/show_bug.cgi?id=1349310
bugzilla.mozilla.org/show_bug.cgi?id=1350047
bugzilla.mozilla.org/show_bug.cgi?id=1352745
bugzilla.mozilla.org/show_bug.cgi?id=1352747
bugzilla.mozilla.org/show_bug.cgi?id=1355039
bugzilla.mozilla.org/show_bug.cgi?id=1355174
bugzilla.mozilla.org/show_bug.cgi?id=1355182
bugzilla.mozilla.org/show_bug.cgi?id=1356558
bugzilla.mozilla.org/show_bug.cgi?id=1356607
bugzilla.mozilla.org/show_bug.cgi?id=1356824
bugzilla.mozilla.org/show_bug.cgi?id=1357090
bugzilla.mozilla.org/show_bug.cgi?id=1358248
bugzilla.mozilla.org/show_bug.cgi?id=1358551
bugzilla.mozilla.org/show_bug.cgi?id=1359547
bugzilla.mozilla.org/show_bug.cgi?id=1363396
bugzilla.mozilla.org/show_bug.cgi?id=1364283
bugzilla.mozilla.org/show_bug.cgi?id=1365602
bugzilla.mozilla.org/show_bug.cgi?id=1366595
bugzilla.mozilla.org/show_bug.cgi?id=1368490
security.archlinux.org/AVG-302
security.archlinux.org/CVE-2017-5470
security.archlinux.org/CVE-2017-5471
security.archlinux.org/CVE-2017-5472
security.archlinux.org/CVE-2017-7749
security.archlinux.org/CVE-2017-7750
security.archlinux.org/CVE-2017-7751
security.archlinux.org/CVE-2017-7752
security.archlinux.org/CVE-2017-7754
security.archlinux.org/CVE-2017-7756
security.archlinux.org/CVE-2017-7757
security.archlinux.org/CVE-2017-7758
security.archlinux.org/CVE-2017-7762
security.archlinux.org/CVE-2017-7764
security.archlinux.org/CVE-2017-7771
security.archlinux.org/CVE-2017-7772
security.archlinux.org/CVE-2017-7773
security.archlinux.org/CVE-2017-7774
security.archlinux.org/CVE-2017-7775
security.archlinux.org/CVE-2017-7776
security.archlinux.org/CVE-2017-7777
security.archlinux.org/CVE-2017-7778
www.mozilla.org/en-US/security/advisories/mfsa2017-15/
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5470
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5471
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-5472
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7749
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7750
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7751
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7752
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7754
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7756
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7757
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7758
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7762
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7764
www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7778
www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7778
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
83.7%