Red Hat: CVE-2017-7843: Important: firefox security update (RHSA-2017:3382)
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||December 04, 2017||December 05, 2017||December 20, 2017|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Mozilla Firefox is an open source web browser.
This update upgrades Firefox to version 52.5.1 ESR.
A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. (CVE-2017-7843)
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Konark as the original reporter.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities