vulnerability

Alpine Linux: CVE-2017-5464: firefox-esr Multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Jun 11, 2018	Nov 8, 2019	Dec 4, 2019

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 11, 2018

Added

Nov 8, 2019

Modified

Dec 4, 2019

Description

During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Solution

alpine-linux-upgrade-firefox-esr

References

ALPINE-7006
BID-97940
CVE-2017-5464
https://attackerkb.com/topics/CVE-2017-5464
DEBIAN-DSA-3831
REDHAT-RHSA-2017:1104
REDHAT-RHSA-2017:1106
REDHAT-RHSA-2017:1201

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report