Vulnerability & Exploit Database

Back to search

MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7814)

Severity CVSS Published Added Modified
4 (AV:L/AC:M/Au:N/C:P/I:P/A:P) September 27, 2017 September 28, 2017 December 04, 2017

Description

File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

mozilla-firefox-esr-upgrade-52_4

Related Vulnerabilities