{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T14:57:47.352","vulnerabilities":[{"cve":{"id":"CVE-2017-7794","sourceIdentifier":"security@mozilla.org","published":"2018-06-11T21:29:09.547","lastModified":"2024-11-21T03:32:40.617","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55."},{"lang":"es","value":"En sistemas Linux, si el proceso content se ve comprometido, el broker del sandbox permitirá el truncado de archivos aunque el sandbox solo tenga explícitamente acceso de lectura al sistema de archivos local y no tenga permisos de escritura. Nota: este ataque solo afecta al sistema operativo Linux. Otros sistemas operativos no se han visto afectados. La vulnerabilidad afecta a Firefox en versiones anteriores a la 55."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"55.0","matchCriteriaId":"4E741DB2-0D96-41AD-A083-544CAFD70780"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1039124","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1374281","source":"security@mozilla.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1039124","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1374281","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-18/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}