admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-53xx/CVE-2017-5381.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

161 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-5381",
"sourceIdentifier": "security@mozilla.org",
"published": "2018-06-11T21:29:03.060",
"lastModified": "2024-11-21T03:27:29.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"export\" function in the Certificate Viewer can force local filesystem navigation when the \"common name\" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51."
},
{
"lang": "es",
"value": "La funci\u00f3n \"export\" en el visor de certificados puede forzar la navegaci\u00f3n por el sistema de archivos local cuando el \"common name\" en un certificado contiene barras diagonales, lo que permite guardar el contenido de los certificados en ubicaciones inseguras con un nombre de archivo arbitrario. La vulnerabilidad afecta a Firefox en versiones anteriores a la 51."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": true,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "51.0",
"matchCriteriaId": "19A47E81-DD45-46A3-BB7F-C48882794EA6"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/95763",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037693",
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1017616",
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2017-01/",
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/95763",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037693",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1017616",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2017-01/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink