7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Firefox is vulnerable to information disclosure attacks. While hashed codes of JavaScript objects are shared between pages a remote user can determine an object’s address via shared hash codes. This may lead to disclose of sensitive information from the target system.
rhn.redhat.com/errata/RHSA-2017-0190.html
rhn.redhat.com/errata/RHSA-2017-0238.html
www.securityfocus.com/bid/95769
www.securitytracker.com/id/1037693
access.redhat.com/errata/RHSA-2017:0190
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=1312001
bugzilla.mozilla.org/show_bug.cgi?id=1330769
security.gentoo.org/glsa/201702-13
security.gentoo.org/glsa/201702-22
www.debian.org/security/2017/dsa-3771
www.debian.org/security/2017/dsa-3832
www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.7
www.mozilla.org/security/advisories/mfsa2017-01/
www.mozilla.org/security/advisories/mfsa2017-02/
www.mozilla.org/security/advisories/mfsa2017-03/
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N