CVE-2017-5390

Summary

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 45.7affected
MozillaFirefox ESRunspecified < 45.7affected
MozillaFirefoxunspecified < 51affected

Weaknesses

  • Insecure communication methods in Developer Tools JSON viewer

ADP Enrichment

CVE Program Container

Additional References

References