VDB
CVE-2017-7755
CVE-2017-7755
PUBLISHED
CVSS 6.800000190734863 MEDIUM
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
EPSS 0.77% · 73.8th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
0.77%
73.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox ESR | * |
| Mozilla | Thunderbird | * |
| Mozilla | Firefox | unspecified |
| mozilla | firefox | 0, 0 |
| mozilla | thunderbird | 0 |
Exploit Intelligence
Timeline
- Jun 14, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/ advisory
- 99057 vdb
- https://www.mozilla.org/security/advisories/mfsa2017-15/ url
- 1038689 vdb
- https://bugzilla.mozilla.org/show_bug.cgi?id=1361326 url
- https://www.mozilla.org/security/advisories/mfsa2017-17/ url
- https://www.mozilla.org/security/advisories/mfsa2017-16/ url
- https://nvd.nist.gov/vuln/detail/CVE-2017-7755 advisory
- https://www.mozilla.org/security/advisories/mfsa2017-15 url
- https://www.mozilla.org/security/advisories/mfsa2017-16 url
- https://www.mozilla.org/security/advisories/mfsa2017-17 url