High severity7.5NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2017-5425
CVE-2017-5425
Description
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to "/private/var" and its subdirectories. Note: this issue only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: <52
<52+ 1 more
- (no CPE)range: <52
- (no CPE)range: unspecified
<52+ 1 more
- (no CPE)range: <52
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/96692nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037966nvdThird Party AdvisoryVDB Entry
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- www.mozilla.org/security/advisories/mfsa2017-05/nvdVendor Advisory
- www.mozilla.org/security/advisories/mfsa2017-09/nvdVendor Advisory
News mentions
0No linked articles in our index yet.