vulnerability

MFSA2017-16 Firefox: Security vulnerabilities fixed in Firefox ESR 52.2 (CVE-2017-7755)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Jun 13, 2017	Jun 14, 2017	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Jun 13, 2017

Added

Jun 14, 2017

Modified

Aug 11, 2025

Description

The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

Solution

mozilla-firefox-esr-upgrade-52_2

References

CVE-2017-7755
https://attackerkb.com/topics/CVE-2017-7755
CWE-426
URL-http://www.mozilla.org/security/announce/2017/mfsa2017-16.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today