9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.035 Low
EPSS
Percentile
91.4%
08/08/2017
Critical
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, privilege escalation, spoof user interface, bypass security restrictions, obtain sensitive information and execute arbitrary code.
Mozilla Firefox versions earlier than 55
Mozilla Firefox ESR versions earlier than 52.3
Update to the latest version
Download Mozilla Firefox ESR
Download Mozilla Firefox
ACE
CVE-2017-77867.5Critical
CVE-2017-77536.4High
CVE-2017-77875.0Warning
CVE-2017-78075.8High
CVE-2017-77927.5Critical
CVE-2017-78045.0Warning
CVE-2017-77915.0Warning
CVE-2017-77825.0Warning
CVE-2017-78035.0Warning
CVE-2017-78007.5Critical
CVE-2017-78017.5Critical
CVE-2017-78097.5Critical
CVE-2017-77847.5Critical
CVE-2017-78027.5Critical
CVE-2017-77857.5Critical
CVE-2017-77986.8High
CVE-2017-78065.0Warning
CVE-2017-78085.0Warning
CVE-2017-77814.3Warning
CVE-2017-77944.6Warning
CVE-2017-77994.3Warning
CVE-2017-77835.0Warning
CVE-2017-77887.5Critical
CVE-2017-77895.0Warning
CVE-2017-77905.0Warning
CVE-2017-77963.3Warning
CVE-2017-77975.0Warning
CVE-2017-77807.5Critical
Public exploits exist for this vulnerability.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/firefox/organizations/all/
www.mozilla.org/en-US/security/advisories/mfsa2017-18/
www.mozilla.org/en-US/security/advisories/mfsa2017-19/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.035 Low
EPSS
Percentile
91.4%