10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.035 Low
EPSS
Percentile
91.5%
Severity: Critical
Date : 2017-08-10
CVE-ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7780 CVE-2017-7781
CVE-2017-7783 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786
CVE-2017-7787 CVE-2017-7788 CVE-2017-7789 CVE-2017-7791
CVE-2017-7792 CVE-2017-7794 CVE-2017-7797 CVE-2017-7798
CVE-2017-7799 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802
CVE-2017-7803 CVE-2017-7806 CVE-2017-7807 CVE-2017-7808
CVE-2017-7809
Package : firefox
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-375
The package firefox before version 55.0-1 is vulnerable to multiple
issues including arbitrary code execution, content spoofing,
information disclosure, same-origin policy bypass, access restriction
bypass, cross-site scripting, incorrect calculation, sandbox escape and
denial of service.
Upgrade to 55.0-1.
The problems have been fixed upstream in version 55.0.
None.
An out-of-bounds read has been found in Firefox < 55.0, when applying
style rules to pseudo-elements, such as ::first-line, using cached
style data.
Several memory safety bugs have been found in Firefox < 55.0. Some of
these bugs showed evidence of memory corruption and we presume that
with enough effort that some of these could be exploited to run
arbitrary code.
Several memory safety bugs have been found in Firefox < 55.0. Some of
these bugs showed evidence of memory corruption and we presume that
with enough effort that some of these could be exploited to run
arbitrary code.
An elliptic curve point addition error has been found in Firefox <
55.0. An error occurs in the elliptic curve point addition algorithm
that uses mixed Jacobian-affine coordinates where it can yield a result
POINT_AT_INFINITY when it should not. A man-in-the-middle attacker
could use this to interfere with a connection, resulting in an attacked
party computing an incorrect shared secret.
A denial of service has been found in Firefox < 55.0. If a long user
name is used in a username/password combination in a site URL (such as
http://UserName:[email protected]), the resulting modal prompt will
hang in a non-responsive state or crash, causing a denial of service.
A use-after-free issue has been found in Firefox < 55.0, when reading
an image observer during frame reconstruction after the observer has
been freed. This results in a potentially exploitable crash.
A buffer overflow has been found in Firefox < 55.0, when manipulating
Accessible Rich Internet Applications (ARIA) attributes within the DOM.
This results in a potentially exploitable crash.
A buffer overflow has been found in Firefox < 55.0, when the image
renderer attempts to paint non-displayable SVG elements. This results
in a potentially exploitable crash.
Same-origin policy protections can be bypassed in Firefox < 55.0, on
pages with embedded iframes during page reloads, allowing the iframes
to access content on the top level page and leading to information
disclosure.
A security issue has been found in Firefox < 55.0. When an iframe has a
sandbox attribute and its content is specified using srcdoc, that
content does not inherit the containing page’s Content Security Policy
(CSP) as it should unless the sandbox attribute included allow-same-
origin.
A security issue has been found in Firefox < 55.0. If a server sends
two Strict-Transport-Security (STS) headers for a single connection,
they will be rejected as invalid and HTTP Strict Transport Security
(HSTS) will not be enabled for the connection.
A content spoofing issue has been found in Firefox < 55.0. On pages
containing an iframe, the data: protocol can be used to create a modal
alert that will render over arbitrary domains following page
navigation, spoofing of the origin of the modal alert from the iframe
content.
A buffer overflow has been found in Firefox < 55.0, when viewing a
certificate in the certificate manager if the certificate has an
extremely long object identifier (OID). This results in a potentially
exploitable crash.
A security issue has been found in Firefox < 55.0. On Linux systems, if
the content process is compromised, the sandbox broker will allow files
to be truncated even though the sandbox explicitly only has read access
to the local file system and no write permissions.
A security issue has been found in Firefox <55.0. Response header name
interning does not have same-origin protections and these headers are
stored in a global registry. This allows stored header names to be
available cross-origin.
A XUL injection has been found in Firefox < 55.0, in the style editor
in devtools. The Developer Tools feature suffers from a XUL injection
vulnerability due to improper sanitization of the web page source code.
In the worst case, this could allow arbitrary code execution when
opening a malicious page with the style editor tool.
A security issue has been found in Firefox < 55.0. JavaScript in the
about:webrtc page is not sanitized properly being being assigned to
innerHTML. Data on this page is supplied by WebRTC usage and is not
under third-party control, making this difficult to exploit, but the
vulnerability could possibly be used for a cross-site scripting (XSS)
attack.
A use-after-free issue has been found in Firefox < 55.0, in WebSockets,
when the object holding the connection is freed before the
disconnection operation is finished. This results in an exploitable
crash.
A use-after-free issue has been found in Firefox < 55.0, while re-
computing layout for a marquee element during window resizing where the
updated style object is freed while still in use. This results in a
potentially exploitable crash.
A use-after-free vulnerability has been found in Firefox < 55.0, when
manipulating the DOM during the resize event of an image element. If
these elements have been freed due to a lack of strong references, a
potentially exploitable crash may occur when the freed elements are
accessed.
A security issue has been found in Firefox < 55.0. When a page’s
content security policy (CSP) header contains a sandbox directive,
other directives are ignored. This results in the incorrect enforcement
of CSP.
A use-after-free vulnerability has been found in Firefox < 55.0, when
the layer manager is freed too early when rendering specific SVG
content, resulting in a potentially exploitable crash.
A domain hijacking flaw has been found in Firefox < 55.0. A mechanism
that uses AppCache to hijack a URL in a domain using fallback by
serving the files from a sub-path on the domain. This has been
addressed by requiring fallback files be inside the manifest directory.
A CSP information leak has been found in Firefox < 55.0. A content
security policy (CSP) frame-ancestors directive containing origins with
paths allows for comparisons against those paths instead of the origin.
This results in a cross-origin information leak of this path
information.
A use-after-free issue has been found in Firefox < 55.0, when an editor
DOM node is deleted prematurely during tree traversal while still bound
to the document. This results in a potentially exploitable crash.
A remote attacker can access sensitive information, bypass security
restrictions, crash the browser or execute arbitrary code on the
affected host.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7753
https://bugzilla.mozilla.org/show_bug.cgi?id=1353312
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7779
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7780
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1353763%2C1353356%2C1370070%2C1375435%2C1373663%2C1363150%2C1370817%2C1273678%2C1367850%2C1347968%2C1361749%2C1349138%2C1371982%2C1344666%2C1369836%2C1330739%2C1371511%2C1371484
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7781
https://bugzilla.mozilla.org/show_bug.cgi?id=1352039
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7783
https://bugzilla.mozilla.org/show_bug.cgi?id=1360842
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7784
https://bugzilla.mozilla.org/show_bug.cgi?id=1376087
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7785
https://bugzilla.mozilla.org/show_bug.cgi?id=1356985
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7786
https://bugzilla.mozilla.org/show_bug.cgi?id=1365189
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7787
https://bugzilla.mozilla.org/show_bug.cgi?id=1322896
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7788
https://bugzilla.mozilla.org/show_bug.cgi?id=1073952
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7789
https://bugzilla.mozilla.org/show_bug.cgi?id=1074642
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7791
https://bugzilla.mozilla.org/show_bug.cgi?id=1365875
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7792
https://bugzilla.mozilla.org/show_bug.cgi?id=1368652
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7794
https://bugzilla.mozilla.org/show_bug.cgi?id=1374281
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7797
https://bugzilla.mozilla.org/show_bug.cgi?id=1334776
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7798
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1371586%2C1372112
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7799
https://bugzilla.mozilla.org/show_bug.cgi?id=1372509
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7800
https://bugzilla.mozilla.org/show_bug.cgi?id=1374047
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7801
https://bugzilla.mozilla.org/show_bug.cgi?id=1371259
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7802
https://bugzilla.mozilla.org/show_bug.cgi?id=1378147
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7803
https://bugzilla.mozilla.org/show_bug.cgi?id=1377426
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7806
https://bugzilla.mozilla.org/show_bug.cgi?id=1378113
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7807
https://bugzilla.mozilla.org/show_bug.cgi?id=1376459
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7808
https://bugzilla.mozilla.org/show_bug.cgi?id=1367531
https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7809
https://bugzilla.mozilla.org/show_bug.cgi?id=1380284
https://security.archlinux.org/CVE-2017-7753
https://security.archlinux.org/CVE-2017-7779
https://security.archlinux.org/CVE-2017-7780
https://security.archlinux.org/CVE-2017-7781
https://security.archlinux.org/CVE-2017-7783
https://security.archlinux.org/CVE-2017-7784
https://security.archlinux.org/CVE-2017-7785
https://security.archlinux.org/CVE-2017-7786
https://security.archlinux.org/CVE-2017-7787
https://security.archlinux.org/CVE-2017-7788
https://security.archlinux.org/CVE-2017-7789
https://security.archlinux.org/CVE-2017-7791
https://security.archlinux.org/CVE-2017-7792
https://security.archlinux.org/CVE-2017-7794
https://security.archlinux.org/CVE-2017-7797
https://security.archlinux.org/CVE-2017-7798
https://security.archlinux.org/CVE-2017-7799
https://security.archlinux.org/CVE-2017-7800
https://security.archlinux.org/CVE-2017-7801
https://security.archlinux.org/CVE-2017-7802
https://security.archlinux.org/CVE-2017-7803
https://security.archlinux.org/CVE-2017-7806
https://security.archlinux.org/CVE-2017-7807
https://security.archlinux.org/CVE-2017-7808
https://security.archlinux.org/CVE-2017-7809
bugzilla.mozilla.org/buglist.cgi?bug_id=1353763%2C1353356%2C1370070%2C1375435%2C1373663%2C1363150%2C1370817%2C1273678%2C1367850%2C1347968%2C1361749%2C1349138%2C1371982%2C1344666%2C1369836%2C1330739%2C1371511%2C1371484
bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002
bugzilla.mozilla.org/buglist.cgi?bug_id=1371586%2C1372112
bugzilla.mozilla.org/show_bug.cgi?id=1073952
bugzilla.mozilla.org/show_bug.cgi?id=1074642
bugzilla.mozilla.org/show_bug.cgi?id=1322896
bugzilla.mozilla.org/show_bug.cgi?id=1334776
bugzilla.mozilla.org/show_bug.cgi?id=1352039
bugzilla.mozilla.org/show_bug.cgi?id=1353312
bugzilla.mozilla.org/show_bug.cgi?id=1356985
bugzilla.mozilla.org/show_bug.cgi?id=1360842
bugzilla.mozilla.org/show_bug.cgi?id=1365189
bugzilla.mozilla.org/show_bug.cgi?id=1365875
bugzilla.mozilla.org/show_bug.cgi?id=1367531
bugzilla.mozilla.org/show_bug.cgi?id=1368652
bugzilla.mozilla.org/show_bug.cgi?id=1371259
bugzilla.mozilla.org/show_bug.cgi?id=1372509
bugzilla.mozilla.org/show_bug.cgi?id=1374047
bugzilla.mozilla.org/show_bug.cgi?id=1374281
bugzilla.mozilla.org/show_bug.cgi?id=1376087
bugzilla.mozilla.org/show_bug.cgi?id=1376459
bugzilla.mozilla.org/show_bug.cgi?id=1377426
bugzilla.mozilla.org/show_bug.cgi?id=1378113
bugzilla.mozilla.org/show_bug.cgi?id=1378147
bugzilla.mozilla.org/show_bug.cgi?id=1380284
security.archlinux.org/AVG-375
security.archlinux.org/CVE-2017-7753
security.archlinux.org/CVE-2017-7779
security.archlinux.org/CVE-2017-7780
security.archlinux.org/CVE-2017-7781
security.archlinux.org/CVE-2017-7783
security.archlinux.org/CVE-2017-7784
security.archlinux.org/CVE-2017-7785
security.archlinux.org/CVE-2017-7786
security.archlinux.org/CVE-2017-7787
security.archlinux.org/CVE-2017-7788
security.archlinux.org/CVE-2017-7789
security.archlinux.org/CVE-2017-7791
security.archlinux.org/CVE-2017-7792
security.archlinux.org/CVE-2017-7794
security.archlinux.org/CVE-2017-7797
security.archlinux.org/CVE-2017-7798
security.archlinux.org/CVE-2017-7799
security.archlinux.org/CVE-2017-7800
security.archlinux.org/CVE-2017-7801
security.archlinux.org/CVE-2017-7802
security.archlinux.org/CVE-2017-7803
security.archlinux.org/CVE-2017-7806
security.archlinux.org/CVE-2017-7807
security.archlinux.org/CVE-2017-7808
security.archlinux.org/CVE-2017-7809
www.mozilla.org/en-US/security/advisories/mfsa2017-18/
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7753
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7779
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7780
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7781
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7783
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7784
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7785
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7786
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7787
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7788
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7789
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7791
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7792
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7794
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7797
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7798
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7799
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7800
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7801
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7802
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7803
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7806
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7807
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7808
www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7809
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.035 Low
EPSS
Percentile
91.5%