CVE-2017-5425
CVSS v3.0
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.28 % (69th)
Affected Products
3
Advisories
3
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to "/private/var" and its subdirectories. Note: this issue only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2018-06-11 21:29:05
(6 years ago) - Updated Date
-
2018-08-09 18:35:53
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...