vulnerability
Ubuntu: (CVE-2017-16541): firefox vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Nov 4, 2017 | Nov 19, 2024 | Aug 18, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Nov 4, 2017
Added
Nov 19, 2024
Modified
Aug 18, 2025
Description
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
Solutions
ubuntu-upgrade-firefoxubuntu-upgrade-thunderbird
References
- CVE-2017-16541
- https://attackerkb.com/topics/CVE-2017-16541
- CWE-200
- DEBIAN-DSA-4327
- URL-https://blog.torproject.org/tor-browser-709-released
- URL-https://trac.torproject.org/projects/tor/ticket/24052
- URL-https://www.cve.org/CVERecord?id=CVE-2017-16541
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2017-16541
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.