JSON View XML View

Key Value
MTID M117540
Title Mozilla Firefox /Firefox ESR Excessive JIT Code Security Bypass
Description A vulnerability in some versions of Mozilla Firefox and Firefox ESR could lead to a security bypass.
Observation A vulnerability in some versions of Mozilla Firefox and Firefox ESR could lead to a security bypass.

The flaw occurs when JIT code allocation can allow for a bypass of ASLR and DEP protections. Successful exploitation could allow a remote attacker to bypass intended access restrictions.


Recommendation The vendor has released an update to address the issue:

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/
https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/

Vendor Mozilla
Attack Vector Malicious remote network traffic
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
References
CVECVE-2017-5375
MTIDM117540
CPEs
cpe:/a:mozilla:firefox:50.0.2
cpe:/a:mozilla:firefox_esr:45.6.0
Created At 2017-01-24 00:00:00 UTC
Updated At 2017-02-08 10:37:27 UTC

Back