Lucene search
PRIOn knowledge basePRION:CVE-2017-5409HistoryJun 11, 2018 - 9:29 p.m.
Design/Logic Flaw
2018-06-1121:29:00
PRIOn knowledge base
www.prio-n.com
5
The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 45.8 and Firefox < 52.
Related
cvelist
cvelist
CVE-2017-5409
2018-06-11 21:00:00
debiancve
debiancve
CVE-2017-5409
2018-06-11 21:29:04
cve
cve
CVE-2017-5409
2018-06-11 21:29:04
ubuntucve
ubuntucve
CVE-2017-5409
2018-06-11 00:00:00
nvd
nvd
CVE-2017-5409
2018-06-11 21:29:04
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0714-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0732-1)
2021-06-09 00:00:00
Mozilla Firefox ESR Security Advisories (MFSA2017-05, MFSA2017-07) - Windows
2017-03-08 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2017-03-17 21:07:58
Security update for MozillaFirefox (important)
2017-03-17 12:08:28
nessus
nessus
Mozilla Firefox ESR < 45.8 Multiple Vulnerabilities
2017-03-09 00:00:00
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0714-1)
2017-03-20 00:00:00
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2017:0732-1)
2017-03-20 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 45.8 — Mozilla
2017-03-07 00:00:00
Security vulnerabilities fixed in Firefox 52 — Mozilla
2017-03-07 00:00:00
kaspersky
kaspersky
KLA10969 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2017-03-07 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-03-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 52.0-alt1
2017-05-08 00:00:00
mageia
mageia
Updated iceape packages fix security vulnerabilities
2018-01-02 14:48:29