Medium severity5.5NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2017-5427
CVE-2017-5427
Description
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<52+ 1 more
- (no CPE)range: <52
- (no CPE)range: unspecified
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
Patches
Vulnerability mechanics
References
4- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPatchVendor Advisory
- www.securityfocus.com/bid/96692nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037966nvdThird Party AdvisoryVDB Entry
- www.mozilla.org/security/advisories/mfsa2017-05/nvdVendor Advisory
News mentions
0No linked articles in our index yet.