CVE-2017-5455

Published: Jun 11, 2018Modified: Nov 25, 2025

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.

Affected (11)

Products: Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Workstation · Mozilla: Firefox

Redhat

6 products

Enterprise Linux

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Workstation

Mozilla

1 product

Firefox

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Aus	Version 7.3
Redhat Enterprise Linux Server Aus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 7.3
Redhat Enterprise Linux Server Eus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 7.5
Redhat Enterprise Linux Workstation	Version 7.0