CVE-2017-5414
N/A
N/A
Summary
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox < 52 and Thunderbird < 52.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 52 | affected |
| Mozilla | Thunderbird | unspecified < 52 | affected |
Weaknesses
- File picker can choose incorrect default directory
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1319370
- https://www.mozilla.org/security/advisories/mfsa2017-09/
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- http://www.securityfocus.com/bid/96692
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1319370
- https://www.mozilla.org/security/advisories/mfsa2017-09/
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- http://www.securityfocus.com/bid/96692
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.