VulnerableCode Vulnerability Details

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
epss	0.01045	https://api.first.org/data/v1/epss?cve=CVE-2017-5407
cvssv2	4.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2017-5407
cvssv3	6.5	https://nvd.nist.gov/vuln/detail/CVE-2017-5407
archlinux	Critical	https://security.archlinux.org/AVG-193
archlinux	Critical	https://security.archlinux.org/AVG-194
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-06
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-07
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

System

Score

Found at

cvssv3

6.1

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

epss

0.01045

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

cvssv2

4.3

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv2

4.3

https://nvd.nist.gov/vuln/detail/CVE-2017-5407

cvssv3

6.5

https://nvd.nist.gov/vuln/detail/CVE-2017-5407

archlinux

Critical

https://security.archlinux.org/AVG-193

archlinux

Critical

https://security.archlinux.org/AVG-194

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

Reference id	Reference type	URL
		http://rhn.redhat.com/errata/RHSA-2017-0459.html
		http://rhn.redhat.com/errata/RHSA-2017-0461.html
		http://rhn.redhat.com/errata/RHSA-2017-0498.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-5407
		https://bugzilla.mozilla.org/show_bug.cgi?id=1336622
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://www.debian.org/security/2017/dsa-3805
		https://www.debian.org/security/2017/dsa-3832
		https://www.mozilla.org/security/advisories/mfsa2017-05/
		https://www.mozilla.org/security/advisories/mfsa2017-06/
		https://www.mozilla.org/security/advisories/mfsa2017-07/
		https://www.mozilla.org/security/advisories/mfsa2017-09/
		http://www.securityfocus.com/bid/96693
		http://www.securitytracker.com/id/1037966
1429782		https://bugzilla.redhat.com/show_bug.cgi?id=1429782
ASA-201703-2		https://security.archlinux.org/ASA-201703-2
ASA-201703-3		https://security.archlinux.org/ASA-201703-3
AVG-193		https://security.archlinux.org/AVG-193
AVG-194		https://security.archlinux.org/AVG-194
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2017-5407		https://nvd.nist.gov/vuln/detail/CVE-2017-5407
GLSA-201705-06		https://security.gentoo.org/glsa/201705-06
GLSA-201705-07		https://security.gentoo.org/glsa/201705-07
mfsa2017-05		https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
mfsa2017-06		https://www.mozilla.org/en-US/security/advisories/mfsa2017-06
mfsa2017-07		https://www.mozilla.org/en-US/security/advisories/mfsa2017-07
mfsa2017-09		https://www.mozilla.org/en-US/security/advisories/mfsa2017-09
RHSA-2017:0459		https://access.redhat.com/errata/RHSA-2017:0459
RHSA-2017:0461		https://access.redhat.com/errata/RHSA-2017:0461
RHSA-2017:0498		https://access.redhat.com/errata/RHSA-2017:0498
USN-3216-1		https://usn.ubuntu.com/3216-1/
USN-3233-1		https://usn.ubuntu.com/3233-1/

Reference id

Reference type

URL

http://rhn.redhat.com/errata/RHSA-2017-0459.html

http://rhn.redhat.com/errata/RHSA-2017-0461.html

http://rhn.redhat.com/errata/RHSA-2017-0498.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

https://bugzilla.mozilla.org/show_bug.cgi?id=1336622

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://www.debian.org/security/2017/dsa-3805

https://www.debian.org/security/2017/dsa-3832

https://www.mozilla.org/security/advisories/mfsa2017-05/

https://www.mozilla.org/security/advisories/mfsa2017-06/

https://www.mozilla.org/security/advisories/mfsa2017-07/

https://www.mozilla.org/security/advisories/mfsa2017-09/

http://www.securityfocus.com/bid/96693

http://www.securitytracker.com/id/1037966

1429782

https://bugzilla.redhat.com/show_bug.cgi?id=1429782

ASA-201703-2

https://security.archlinux.org/ASA-201703-2

ASA-201703-3

https://security.archlinux.org/ASA-201703-3

AVG-193

https://security.archlinux.org/AVG-193

AVG-194

https://security.archlinux.org/AVG-194

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2017-5407

https://nvd.nist.gov/vuln/detail/CVE-2017-5407

GLSA-201705-06

https://security.gentoo.org/glsa/201705-06

GLSA-201705-07

https://security.gentoo.org/glsa/201705-07

mfsa2017-05

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

mfsa2017-06

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

mfsa2017-07

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

mfsa2017-09

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

RHSA-2017:0459

https://access.redhat.com/errata/RHSA-2017:0459

RHSA-2017:0461

https://access.redhat.com/errata/RHSA-2017:0461

RHSA-2017:0498

https://access.redhat.com/errata/RHSA-2017:0498

USN-3216-1

https://usn.ubuntu.com/3216-1/

USN-3233-1

https://usn.ubuntu.com/3233-1/

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5407

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5407

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:58:44.711179+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201705-07	38.0.0

2026-04-01T12:58:44.711179+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/201705-07

38.0.0

Vulnerability ID	VCID-667g-8khd-kkhm
Aliases	CVE-2017-5407
Summary	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.77426
EPSS Score	0.01045
Published At	April 1, 2026, 12:55 p.m.