CVE-2017-5456
CVSS v3.0
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
5.16 % (93th)
Affected Products
8
Advisories
9
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
Weaknesses
- CWE-732
- Incorrect Permission Assignment for Critical Resource
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2018-06-11 21:29:06
(6 years ago) - Updated Date
-
2019-10-03 00:03:26
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...