CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
90.9%
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, obtain sensitive
information, bypass phishing and malware protection, spoof the origin in
modal dialogs, conduct cross-site scripting (XSS) attacks, cause a denial
of service via application crash, or execute arbitrary code.
(CVE-2017-7793, CVE-2017-7810, CVE-2017-7811, CVE-2017-7812,
CVE-2017-7813, CVE-2017-7814, CVE-2017-7815, CVE-2017-7818, CVE-2017-7819,
CVE-2017-7820, CVE-2017-7822, CVE-2017-7823, CVE-2017-7824)
Martin Thomson discovered that NSS incorrectly generated handshake hashes.
A remote attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code. (CVE-2017-7805)
Multiple security issues were discovered in WebExtensions. If a user were
tricked in to installing a specially crafted extension, an attacker could
potentially exploit these to download and open non-executable files
without interaction, or obtain elevated privileges. (CVE-2017-7816,
CVE-2017-7821)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 17.04 | noarch | firefox | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dbg | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dbgsym | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dev | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-globalmenu | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-af | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-an | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-ar | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-as | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-ast | < 56.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
ubuntu.com/security/CVE-2017-7793
ubuntu.com/security/CVE-2017-7805
ubuntu.com/security/CVE-2017-7810
ubuntu.com/security/CVE-2017-7811
ubuntu.com/security/CVE-2017-7812
ubuntu.com/security/CVE-2017-7813
ubuntu.com/security/CVE-2017-7814
ubuntu.com/security/CVE-2017-7815
ubuntu.com/security/CVE-2017-7816
ubuntu.com/security/CVE-2017-7818
ubuntu.com/security/CVE-2017-7819
ubuntu.com/security/CVE-2017-7820
ubuntu.com/security/CVE-2017-7821
ubuntu.com/security/CVE-2017-7822
ubuntu.com/security/CVE-2017-7823
ubuntu.com/security/CVE-2017-7824
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
90.9%