vulnerability

Alpine Linux: CVE-2017-7787: firefox-esr Multiple vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 11, 2017

Added

Sep 20, 2017

Modified

Dec 27, 2019

Description

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

Solution

alpine-linux-upgrade-firefox-esr

References

ALPINE-7673
ALPINE-7674
BID-100234
CVE-2017-7787
https://attackerkb.com/topics/CVE-2017-7787
DEBIAN-DSA-3928
DEBIAN-DSA-3968
REDHAT-RHSA-2017:2456
REDHAT-RHSA-2017:2534

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report