Upstream information

CVE-2017-5428 at MITRE

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE information

CVSS v2 Scores
  SUSE
Base Score 7.48
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Note from the SUSE Security Team

This vulnerability only affects Firefox 52 and 52 ESR. The Firefox version 45 ESR, used in SUSE Linux Enterprise, was not affected.

SUSE Bugzilla entry: 1029822 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE Leap 42.1
  • MozillaFirefox >= 52.0.1-58.1
  • MozillaFirefox-branding-upstream >= 52.0.1-58.1
  • MozillaFirefox-buildsymbols >= 52.0.1-58.1
  • MozillaFirefox-debuginfo >= 52.0.1-58.1
  • MozillaFirefox-debugsource >= 52.0.1-58.1
  • MozillaFirefox-devel >= 52.0.1-58.1
  • MozillaFirefox-translations-common >= 52.0.1-58.1
  • MozillaFirefox-translations-other >= 52.0.1-58.1
Patchnames:
openSUSE-2017-368
openSUSE Leap 42.2
  • MozillaFirefox >= 52.0.1-57.3.1
  • MozillaFirefox-branding-upstream >= 52.0.1-57.3.1
  • MozillaFirefox-buildsymbols >= 52.0.1-57.3.1
  • MozillaFirefox-debuginfo >= 52.0.1-57.3.1
  • MozillaFirefox-debugsource >= 52.0.1-57.3.1
  • MozillaFirefox-devel >= 52.0.1-57.3.1
  • MozillaFirefox-translations-common >= 52.0.1-57.3.1
  • MozillaFirefox-translations-other >= 52.0.1-57.3.1
Patchnames:
openSUSE-2017-368