VulnerableCode Vulnerability Details

System	Score	Found at
cvssv3	9.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
epss	0.02031	https://api.first.org/data/v1/epss?cve=CVE-2017-5376
cvssv2	6.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2017-5376
cvssv3	9.8	https://nvd.nist.gov/vuln/detail/CVE-2017-5376
archlinux	Critical	https://security.archlinux.org/AVG-157
archlinux	Critical	https://security.archlinux.org/AVG-158
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

System

Score

Found at

cvssv3

9.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

epss

0.02031

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

cvssv2

6.8

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv2

7.5

https://nvd.nist.gov/vuln/detail/CVE-2017-5376

cvssv3

9.8

https://nvd.nist.gov/vuln/detail/CVE-2017-5376

archlinux

Critical

https://security.archlinux.org/AVG-157

archlinux

Critical

https://security.archlinux.org/AVG-158

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-02

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

Reference id	Reference type	URL
		http://rhn.redhat.com/errata/RHSA-2017-0190.html
		http://rhn.redhat.com/errata/RHSA-2017-0238.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-5376
		https://bugzilla.mozilla.org/show_bug.cgi?id=1311687
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://security.gentoo.org/glsa/201702-13
		https://security.gentoo.org/glsa/201702-22
		https://www.debian.org/security/2017/dsa-3771
		https://www.debian.org/security/2017/dsa-3832
		https://www.mozilla.org/security/advisories/mfsa2017-01/
		https://www.mozilla.org/security/advisories/mfsa2017-02/
		https://www.mozilla.org/security/advisories/mfsa2017-03/
		http://www.securityfocus.com/bid/95758
		http://www.securitytracker.com/id/1037693
1416272		https://bugzilla.redhat.com/show_bug.cgi?id=1416272
ASA-201701-39		https://security.archlinux.org/ASA-201701-39
ASA-201701-40		https://security.archlinux.org/ASA-201701-40
AVG-157		https://security.archlinux.org/AVG-157
AVG-158		https://security.archlinux.org/AVG-158
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2017-5376		https://nvd.nist.gov/vuln/detail/CVE-2017-5376
mfsa2017-01		https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
mfsa2017-02		https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
mfsa2017-03		https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
RHSA-2017:0190		https://access.redhat.com/errata/RHSA-2017:0190
RHSA-2017:0238		https://access.redhat.com/errata/RHSA-2017:0238
USN-3165-1		https://usn.ubuntu.com/3165-1/
USN-3175-1		https://usn.ubuntu.com/3175-1/

Reference id

Reference type

URL

http://rhn.redhat.com/errata/RHSA-2017-0190.html

http://rhn.redhat.com/errata/RHSA-2017-0238.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json

https://api.first.org/data/v1/epss?cve=CVE-2017-5376

https://bugzilla.mozilla.org/show_bug.cgi?id=1311687

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://security.gentoo.org/glsa/201702-13

https://security.gentoo.org/glsa/201702-22

https://www.debian.org/security/2017/dsa-3771

https://www.debian.org/security/2017/dsa-3832

https://www.mozilla.org/security/advisories/mfsa2017-01/

https://www.mozilla.org/security/advisories/mfsa2017-02/

https://www.mozilla.org/security/advisories/mfsa2017-03/

http://www.securityfocus.com/bid/95758

http://www.securitytracker.com/id/1037693

1416272

https://bugzilla.redhat.com/show_bug.cgi?id=1416272

ASA-201701-39

https://security.archlinux.org/ASA-201701-39

ASA-201701-40

https://security.archlinux.org/ASA-201701-40

AVG-157

https://security.archlinux.org/AVG-157

AVG-158

https://security.archlinux.org/AVG-158

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2017-5376

https://nvd.nist.gov/vuln/detail/CVE-2017-5376

mfsa2017-01

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01

mfsa2017-02

https://www.mozilla.org/en-US/security/advisories/mfsa2017-02

mfsa2017-03

https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

RHSA-2017:0190

https://access.redhat.com/errata/RHSA-2017:0190

RHSA-2017:0238

https://access.redhat.com/errata/RHSA-2017:0238

USN-3165-1

https://usn.ubuntu.com/3165-1/

USN-3175-1

https://usn.ubuntu.com/3175-1/

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5376

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5376

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:15.739498+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2017/mfsa2017-03.yml	37.0.0

2025-07-31T08:09:15.739498+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2017/mfsa2017-03.yml

37.0.0

Vulnerability ID	VCID-npdh-ajd4-4bfb
Aliases	CVE-2017-5376
Summary	Use-after-free while manipulating XSL in XSLT documents
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.83053
EPSS Score	0.02031
Published At	July 30, 2025, 12:55 p.m.