High severity7.8NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2017-7794
CVE-2017-7794
Description
On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
- Range: unspecified
Patches
Vulnerability mechanics
References
3- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingVendor Advisory
- www.securitytracker.com/id/1039124nvdThird Party AdvisoryVDB Entry
- www.mozilla.org/security/advisories/mfsa2017-18/nvdVendor Advisory
News mentions
0No linked articles in our index yet.