Oracle Linux: (CVE-2017-7843) ELSA-2017-3382: firefox security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | December 05, 2017 | December 05, 2017 | August 17, 2018 |
Description
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
oracle-linux-upgrade-firefoxRelated Vulnerabilities
- Huawei EulerOS: CVE-2017-7843: firefox security update
- Huawei EulerOS: CVE-2017-7843: firefox security update
- Gentoo Linux: CVE-2017-7843: Mozilla Firefox: Multiple vulnerabilities
- SUSE: CVE-2017-7844: SUSE Linux Security Advisory
- FreeBSD: VID-B7E23050-2D5D-4E61-9B48-62E89DB222CA (CVE-2017-7844): mozilla -- multiple vulnerabilities
- Gentoo Linux: CVE-2017-7844: Mozilla Firefox: Multiple vulnerabilities
- Alpine Linux: CVE-2017-7843: firefox-esr Multiple vulnerabilities
- FreeBSD: VID-B7E23050-2D5D-4E61-9B48-62E89DB222CA (CVE-2017-7843): mozilla -- multiple vulnerabilities
- CentOS: (CVE-2017-7843) CESA-2017:3382: firefox
- Debian: CVE-2017-7843: firefox-esr -- security update
- Oracle Solaris 11: CVE-2017-7843: Vulnerability in Firefox
- Red Hat: CVE-2017-7843: Important: firefox security update (RHSA-2017:3382)
- SUSE: CVE-2017-7843: SUSE Linux Security Advisory
- MFSA2017-27 Firefox: Security vulnerabilities fixed in Firefox 57.0.1 (CVE-2017-7843)
- MFSA2017-27 Firefox: Security vulnerabilities fixed in Firefox 57.0.1 (CVE-2017-7844)
- MFSA2017-28 Firefox: Security vulnerabilities fixed in Firefox ESR 52.5.2 (CVE-2017-7843)