CVE-2017-7836 Information
Description
The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. Windows systems are not affected. This vulnerability affects Firefox 57.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/101832
http://www.securitytracker.com/id/1039803
https://bugzilla.mozilla.org/show_bug.cgi?id=1401339
https://www.mozilla.org/security/advisories/mfsa2017-24/
Attack Complexity: LOW
Privileges Required: LOW
User Interaction Required: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Base Score: 7.8
Base Severity: HIGH