9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.1%
11/14/2017
Critical
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, perform cross-site scripting, gain privileges and execute arbitrary code.
Mozilla Firefox versions earlier than 57
Mozilla Firefox ESR versions earlier than 52.5
Mozilla Firefox versions earlier than 57
Mozilla Firefox ESR versions earlier than 52.5
Update to the latest version
Download Mozilla Firefox
Mozilla Foundation Security Advisory 2017-24
Mozilla Foundation Security Advisory 2017-25
ACE
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7835
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7838
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7839
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7842
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834
www.mozilla.org/en-US/security/advisories/mfsa2017-25/
www.mozilla.org/ru/firefox/new/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.1%