Vulnerability Database

313,518

Total vulnerabilities in the database

CVE-2017-7794

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55.

Published: Jun 11, 2018
Updated: Nov 9, 2025
CVE: CVE-2017-7794
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-276

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	55.0

http://www.securitytracker.com/id/1039124
https://bugzilla.mozilla.org/show_bug.cgi?id=1374281
https://www.mozilla.org/security/advisories/mfsa2017-18/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo