Your submission was sent successfully! Close

CVE-2017-5455

Published: 20 April 2017

The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored)
trusty Does not exist
(trusty was released [53.0+build6-0ubuntu0.14.04.1])
upstream
Released (53.0)
xenial
Released (53.0+build6-0ubuntu0.16.04.1)
yakkety
Released (53.0+build6-0ubuntu0.16.10.1)
zesty
Released (53.0+build6-0ubuntu0.17.04.1)
thunderbird
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needs-triage)
trusty Does not exist
(trusty was not-affected)
upstream Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable