Back to search

Oracle Solaris 11: CVE-2017-7814: Vulnerability in Firefox, Thunderbird

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	November 30, 2017	November 30, 2017	August 08, 2018

Description

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

Free InsightVM Trial

References

BID-101059
CVE-2017-7814
DEBIAN-DSA-3987
DEBIAN-DSA-4014
REDHAT-RHSA-2017:2831
REDHAT-RHSA-2017:2885
URL: https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

Solution

oracle-solaris-11-3-upgrade-mail-thunderbird-52-4-0-0-175-3-26-0-4-0

Related Vulnerabilities

Oracle Solaris 11: CVE-2017-7823: Vulnerability in Firefox, Thunderbird
CentOS: (CVE-2017-7814) (Multiple Advisories): thunderbird
Gentoo Linux: CVE-2017-7805: Mozilla Thunderbird: Multiple vulnerabilities
Red Hat: CVE-2017-7805: Important: nss security update (RHSA-2017:2832)
Debian: CVE-2017-7814: thunderbird -- security update
Huawei EulerOS: CVE-2017-7805: nss security update
Amazon Linux AMI: CVE-2017-7805: Security patch for nss (ALAS-2017-911)
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7805)
Alpine Linux: CVE-2017-7814: firefox-esr Multiple vulnerabilities
SUSE: CVE-2017-7814: SUSE Linux Security Advisory
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7825)
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7823)
Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte
Red Hat: CVE-2017-7823: Critical: firefox security update (Multiple Advisories)
Debian: CVE-2017-7805: thunderbird -- security update
Red Hat: CVE-2017-7814: Critical: firefox security update (Multiple Advisories)
Gentoo Linux: CVE-2017-7814: Mozilla Thunderbird: Multiple vulnerabilities
Gentoo Linux: CVE-2017-7825: Mozilla Thunderbird: Multiple vulnerabilities
Oracle Linux: (CVE-2017-7805) ELSA-2017-2832: nss security update
Ubuntu: (Multiple Advisories) (CVE-2017-7823): Thunderbird vulnerabilities
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7825): mozilla -- multiple vulnerabilities
CentOS: (CVE-2017-7823) (Multiple Advisories): thunderbird
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7805)
SUSE: CVE-2017-7823: SUSE Linux Security Advisory
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7814): mozilla -- multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7805)
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7823)
Alpine Linux: CVE-2017-7823: firefox-esr Multiple vulnerabilities
Huawei EulerOS: CVE-2017-7805: nss security update
Oracle Linux: (CVE-2017-7814) (Multiple Advisories): thunderbird security update
Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
Oracle Solaris 11: CVE-2017-7825: Vulnerability in Firefox, Thunderbird
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7825)
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7825)
SUSE: CVE-2017-7805: SUSE Linux Security Advisory
FreeBSD: VID-1098A15B-B0F6-42B7-B5C7-8A8646E8BE07 (CVE-2017-7823): mozilla -- multiple vulnerabilities
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7814)
CentOS: (CVE-2017-7805) CESA-2017:2832: nss
Alpine Linux: CVE-2017-7825: firefox-esr Multiple vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2017-7805): Thunderbird vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
Debian: CVE-2017-7823: thunderbird -- security update
FreeBSD: (Multiple Advisories) (CVE-2017-7805): mozilla -- multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
Ubuntu: (Multiple Advisories) (CVE-2017-7814): Thunderbird vulnerabilities
SUSE: CVE-2017-7825: SUSE Linux Security Advisory
Alpine Linux: CVE-2017-7805: firefox-esr Multiple vulnerabilities
Gentoo Linux: CVE-2017-7823: Mozilla Thunderbird: Multiple vulnerabilities
Sun Patch: NSS_NSPR_JSS 3.35 Solaris_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Ma
MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7814)
MFSA2017-21 Firefox: Security vulnerabilities fixed in Firefox 56 (CVE-2017-7814)
Oracle Solaris 11: CVE-2017-7805: Vulnerability in Firefox, Thunderbird
MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7823)
Oracle Linux: (CVE-2017-7823) (Multiple Advisories): thunderbird security update

Vulnerability & Exploit Database

Oracle Solaris 11: CVE-2017-7814: Vulnerability in Firefox, Thunderbird

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch:

Quick Cookie Notification

Vulnerability & Exploit Database

Oracle Solaris 11: CVE-2017-7814: Vulnerability in Firefox, Thunderbird

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch: