Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-7798

Опубликовано: 08 авг. 2017
Источник: redhat
CVSS3: 8.8

Описание

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

Дополнительная информация

Статус:

Critical
Дефект:
CWE-77
https://bugzilla.redhat.com/show_bug.cgi?id=1479213Mozilla: XUL injection in the style editor in devtools (MFSA 2017-19)

8.8 High

CVSS3

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 8.8
nvd
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 8.8
debian
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability ...

CVSS3: 8.8
github
около 3 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость компонента Developer Tools браузера Mozilla Firefox ESR, позволяющая нарушителю выполнить произвольный код

8.8 High

CVSS3