PT-2017-4023 · Mozilla+2 · Firefox+2

Abhishek Arya

Publicado

2017-07-24

Atualizado

2024-12-12

CVE-2017-7813

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 56

Description The issue is related to a JavaScript parser vulnerability in Mozilla Firefox, which involves reading data beyond buffer boundaries in memory. This can potentially allow a remote attacker to gain unauthorized access to protected information or cause a denial of service. The vulnerability usually results in a non-exploitable crash but can leak a limited amount of information from memory if it matches JavaScript identifier syntax.

Recommendations For versions prior to 56, update to version 56 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the update is applied.

Exploit

Correção

Out of bounds Read

Incorrect Type Conversion or Cast

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-704

Identificadores relacionados

ALT-PU-2017-2437

ALT-PU-2018-1854

BDU:2021-00182

CVE-2017-7813

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-3435-1

USN-3435-2

Produtos afetados

Alt Linux

Firefox

Ubuntu

PT-2017-4023 · Mozilla+2 · Firefox+2

CVE-2017-7813

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1896