9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.579 Medium
EPSS
Percentile
97.7%
04/19/2017
Critical
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass security restrictions, gain privileges and read/write local files.
Mozilla Firefox versions earlier than 53
Mozilla Firefox ESR versions earlier than 45.9
Mozilla Firefox ESR versions earlier than 52.1
Update to the latest version
Download Mozilla Firefox ESR
Download Mozilla Firefox
MFSA-2017-10
MFSA-2017-11
MFSA-2017-12
ACE
CVE-2016-101975.0Warning
CVE-2017-54617.5Critical
CVE-2016-63547.5Critical
CVE-2017-54337.5Critical
CVE-2017-54357.5Critical
CVE-2017-54366.8High
CVE-2017-54597.5Critical
CVE-2017-54664.3Warning
CVE-2017-54347.5Critical
CVE-2017-54327.5Critical
CVE-2017-54607.5Critical
CVE-2017-54387.5Critical
CVE-2017-54397.5Critical
CVE-2017-54407.5Critical
CVE-2017-54417.5Critical
CVE-2017-54427.5Critical
CVE-2017-54647.5Critical
CVE-2017-54437.5Critical
CVE-2017-54445.0Warning
CVE-2017-54467.5Critical
CVE-2017-54476.4High
CVE-2017-54656.4High
CVE-2017-54545.0Warning
CVE-2017-54697.5Critical
CVE-2017-54455.0Warning
CVE-2017-54495.0Warning
CVE-2017-54514.3Warning
CVE-2017-54625.0Warning
CVE-2017-54675.0Warning
CVE-2017-54307.5Critical
CVE-2017-54297.5Critical
CVE-2016-101957.5Critical
CVE-2016-101965.0Warning
CVE-2017-54487.5Critical
CVE-2017-54555.0Warning
CVE-2017-54567.5Critical
CVE-2017-54505.0Warning
CVE-2017-54635.0Warning
CVE-2017-54524.3Warning
CVE-2017-54534.3Warning
CVE-2017-54584.3Warning
CVE-2017-54686.4High
Public exploits exist for this vulnerability.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5453
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5456
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5458
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5466
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5467
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5468
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/firefox/organizations/all/
www.mozilla.org/en-US/security/advisories/mfsa2017-10/
www.mozilla.org/en-US/security/advisories/mfsa2017-11/
www.mozilla.org/en-US/security/advisories/mfsa2017-12/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.579 Medium
EPSS
Percentile
97.7%