Lucene search

K

Veracode Vulnerability DatabaseVERACODE:17674

HistoryMay 02, 2019 - 5:51 a.m.

Privilege Escalation

2019-05-0205:51:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

EPSS

0.006

Percentile

79.2%

Firefox Firefox ESR and Thunderbird are vulnerable to privilege escalation. A remote user can create a specially crafted SVG image that, when loaded by the target user, will access restricted external resources via ‘data:’ URLs. The affected component is SVG Image Handler.

References

rhn.redhat.com/errata/RHSA-2016-2946.html

rhn.redhat.com/errata/RHSA-2016-2973.html

www.securityfocus.com/bid/94885

www.securitytracker.com/id/1037461

access.redhat.com/errata/RHSA-2016:2973

access.redhat.com/security/updates/classification/#important

bugzilla.mozilla.org/show_bug.cgi?id=1319122

security.gentoo.org/glsa/201701-15

www.debian.org/security/2017/dsa-3757

www.mozilla.org/security/advisories/mfsa2016-94/

www.mozilla.org/security/advisories/mfsa2016-95/

www.mozilla.org/security/advisories/mfsa2016-96/

EPSS

0.006

Percentile

79.2%

Related for VERACODE:17674

prion1 ubuntucve1 cvelist1 nvd1 debiancve1 cve1 redhatcve1 alpinelinux1 nessus31 openvas33 centos2 redhat2 oraclelinux2 kaspersky3 debian4 mozilla3 osv3 mageia3 suse5 ibm2 ubuntu2 freebsd1 archlinux1 gentoo1