Red Hat: CVE-2017-7843: Important: firefox security update (RHSA-2017:3382)
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||December 03, 2017||December 04, 2017||December 19, 2017|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Mozilla Firefox is an open source web browser.
This update upgrades Firefox to version 52.5.1 ESR.
A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. (CVE-2017-7843)
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Konark as the original reporter.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!