vulnerability
Red Hat: CVE-2017-5456: Critical: firefox security update (RHSA-2017:1106)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Apr 20, 2017 | Apr 20, 2017 | Jul 9, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 20, 2017
Added
Apr 20, 2017
Modified
Jul 9, 2025
Description
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-firefoxredhat-upgrade-firefox-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.