CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, obtain sensitive
information, spoof the addressbar contents or other UI elements, escape
the sandbox to read local files, conduct cross-site scripting (XSS)
attacks, cause a denial of service via application crash, or execute
arbitrary code. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432,
CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437,
CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442,
CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447,
CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5453, CVE-2017-5454,
CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460,
CVE-2017-5461, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467,
CVE-2017-5468, CVE-2017-5469)
A flaw was discovered in the DRBG number generation in NSS. If an
attacker were able to perform a machine-in-the-middle attack, this flaw
could potentially be exploited to view sensitive information.
(CVE-2017-5462)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 17.04 | noarch | firefox | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dbg | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dbgsym | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-dev | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-globalmenu | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-af | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-an | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-ar | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-as | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
Ubuntu | 17.04 | noarch | firefox-locale-ast | < 53.0+build6-0ubuntu0.17.04.1 | UNKNOWN |
ubuntu.com/security/CVE-2017-5429
ubuntu.com/security/CVE-2017-5430
ubuntu.com/security/CVE-2017-5432
ubuntu.com/security/CVE-2017-5433
ubuntu.com/security/CVE-2017-5434
ubuntu.com/security/CVE-2017-5435
ubuntu.com/security/CVE-2017-5436
ubuntu.com/security/CVE-2017-5437
ubuntu.com/security/CVE-2017-5438
ubuntu.com/security/CVE-2017-5439
ubuntu.com/security/CVE-2017-5440
ubuntu.com/security/CVE-2017-5441
ubuntu.com/security/CVE-2017-5442
ubuntu.com/security/CVE-2017-5443
ubuntu.com/security/CVE-2017-5444
ubuntu.com/security/CVE-2017-5445
ubuntu.com/security/CVE-2017-5446
ubuntu.com/security/CVE-2017-5447
ubuntu.com/security/CVE-2017-5448
ubuntu.com/security/CVE-2017-5449
ubuntu.com/security/CVE-2017-5451
ubuntu.com/security/CVE-2017-5453
ubuntu.com/security/CVE-2017-5454
ubuntu.com/security/CVE-2017-5455
ubuntu.com/security/CVE-2017-5456
ubuntu.com/security/CVE-2017-5458
ubuntu.com/security/CVE-2017-5459
ubuntu.com/security/CVE-2017-5460
ubuntu.com/security/CVE-2017-5461
ubuntu.com/security/CVE-2017-5462
ubuntu.com/security/CVE-2017-5464
ubuntu.com/security/CVE-2017-5465
ubuntu.com/security/CVE-2017-5466
ubuntu.com/security/CVE-2017-5467
ubuntu.com/security/CVE-2017-5468
ubuntu.com/security/CVE-2017-5469
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%