Vulnerabilities > CVE-2017-7848 - Injection vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Server Side Include (SSI) Injection An attacker can use Server Side Include (SSI) Injection to send code to a web application that then gets executed by the web server. Doing so enables the attacker to achieve similar results to Cross Site Scripting, viz., arbitrary code execution and information disclosure, albeit on a more limited scale, since the SSI directives are nowhere near as powerful as a full-fledged scripting language. Nonetheless, the attacker can conveniently gain access to sensitive files, such as password files, and execute shell commands.
- Cross Site Scripting through Log Files An attacker may leverage a system weakness where logs are susceptible to log injection to insert scripts into the system's logs. If these logs are later viewed by an administrator through a thin administrative interface and the log data is not properly HTML encoded before being written to the page, the attackers' scripts stored in the log will be executed in the administrative interface with potentially serious consequences. This attack pattern is really a combination of two other attack patterns: log injection and stored cross site scripting.
- Command Line Execution through SQL Injection An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host.
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1419.NASL description This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities : - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin (bsc#1074043) - CVE-2017-7847: Local path string can be leaked from RSS feed (bsc#1074044) - CVE-2017-7848: RSS Feed vulnerable to new line Injection (bsc#1074045) - CVE-2017-7829: From address with encoded null character is cut off in message header display (bsc#1074046) last seen 2020-06-05 modified 2017-12-26 plugin id 105457 published 2017-12-26 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105457 title openSUSE Security Update : Mozilla Thunderbird (openSUSE-2017-1419) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2017-1419. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(105457); script_version("3.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-7829", "CVE-2017-7846", "CVE-2017-7847", "CVE-2017-7848"); script_name(english:"openSUSE Security Update : Mozilla Thunderbird (openSUSE-2017-1419)"); script_summary(english:"Check for the openSUSE-2017-1419 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities : - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin (bsc#1074043) - CVE-2017-7847: Local path string can be leaked from RSS feed (bsc#1074044) - CVE-2017-7848: RSS Feed vulnerable to new line Injection (bsc#1074045) - CVE-2017-7829: From address with encoded null character is cut off in message header display (bsc#1074046)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1074043" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1074044" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1074045" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1074046" ); script_set_attribute( attribute:"solution", value:"Update the affected Mozilla Thunderbird packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2017/12/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/12/26"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.2|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2 / 42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-buildsymbols-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-debuginfo-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-debugsource-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-devel-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-translations-common-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"MozillaThunderbird-translations-other-52.5.2-41.24.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-buildsymbols-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-debuginfo-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-debugsource-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-devel-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-translations-common-52.5.2-53.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"MozillaThunderbird-translations-other-52.5.2-53.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird / MozillaThunderbird-buildsymbols / etc"); }
NASL family Windows NASL id MOZILLA_THUNDERBIRD_52_5_2.NASL description The version of Mozilla Thunderbird installed on the remote Windows host is prior to 52.5.2 It is, therefore, affected by multiple vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 105507 published 2018-01-02 reporter This script is Copyright (C) 2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/105507 title Mozilla Thunderbird < 52.5.2 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(105507); script_version("1.4"); script_cvs_date("Date: 2018/07/17 12:00:07"); script_cve_id( "CVE-2017-7845", "CVE-2017-7846", "CVE-2017-7847", "CVE-2017-7848", "CVE-2017-7829" ); script_bugtraq_id(101832); script_name(english:"Mozilla Thunderbird < 52.5.2 Multiple Vulnerabilities"); script_summary(english:"Checks the version of Thunderbird."); script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains a mail client that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Mozilla Thunderbird installed on the remote Windows host is prior to 52.5.2 It is, therefore, affected by multiple vulnerabilities."); script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/"); script_set_attribute(attribute:"solution", value: "Upgrade to Mozilla Thunderbird version 52.5.2 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/12/22"); script_set_attribute(attribute:"patch_publication_date", value:"2017/12/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2018 Tenable Network Security, Inc."); script_dependencies("mozilla_org_installed.nasl"); script_require_keys("Mozilla/Thunderbird/Version"); exit(0); } include("mozilla_version.inc"); port = get_kb_item("SMB/transport"); if (!port) port = 445; installs = get_kb_list("SMB/Mozilla/Thunderbird/*"); if (isnull(installs)) audit(AUDIT_NOT_INST, "Thunderbird"); mozilla_check_version(installs:installs, product:'thunderbird', fix:'52.5.2', severity:SECURITY_HOLE);
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4075.NASL description Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service, information disclosure or spoofing of sender last seen 2020-06-01 modified 2020-06-02 plugin id 105497 published 2018-01-02 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105497 title Debian DSA-4075-1 : thunderbird - security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-0061.NASL description An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix(es) : * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges cure53 and Sabri Haddouche as the original reporters. last seen 2020-05-31 modified 2018-01-08 plugin id 105646 published 2018-01-08 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105646 title RHEL 6 / 7 : thunderbird (RHSA-2018:0061) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3529-1.NASL description It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. (CVE-2017-7829) It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this in combination with another vulnerability, in order to cause unspecified problems. (CVE-2017-7846) It was discovered that the RSS feed can leak local path names. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this to obtain sensitive information. (CVE-2017-7847) It was discovered that RSS feeds are vulnerable to new line injection. If a user were tricked in to opening a specially crafted RSS feed, an attacker could potentially exploit this to cause unspecified problems. (CVE-2017-7848) Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, execute arbitrary code, or cause other unspecified effects. (CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5013, CVE-2018-5104, CVE-2018-5117). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 106482 published 2018-01-30 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106482 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : thunderbird vulnerabilities (USN-3529-1) NASL family Scientific Linux Local Security Checks NASL id SL_20180107_THUNDERBIRD_ON_SL6_X.NASL description This update upgrades Thunderbird to version 52.5.2. Security Fix(es) : - Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829) last seen 2020-05-31 modified 2018-01-09 plugin id 105683 published 2018-01-09 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105683 title Scientific Linux Security Update : thunderbird on SL6.x, SL7.x i386/x86_64 (20180107) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-0061.NASL description An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix(es) : * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges cure53 and Sabri Haddouche as the original reporters. last seen 2020-05-31 modified 2018-01-09 plugin id 105658 published 2018-01-09 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105658 title CentOS 6 / 7 : thunderbird (CESA-2018:0061) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201803-14.NASL description The remote host is affected by the vulnerability described in GLSA-201803-14 (Mozilla Thunderbird: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details. Impact : A remote attacker may be able to execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, conduct URL hijacking, or conduct cross-site scripting (XSS). Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 108820 published 2018-04-04 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108820 title GLSA-201803-14 : Mozilla Thunderbird: Multiple vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-0061.NASL description From Red Hat Security Advisory 2018:0061 : An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix(es) : * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges cure53 and Sabri Haddouche as the original reporters. last seen 2020-05-31 modified 2018-01-09 plugin id 105671 published 2018-01-09 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105671 title Oracle Linux 6 / 7 : thunderbird (ELSA-2018-0061) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0126_THUNDERBIRD.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - It is possible to spoof the sender last seen 2020-06-01 modified 2020-06-02 plugin id 127376 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127376 title NewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0126) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1223.NASL description Multiple security issues have been found in the Mozilla Thunderbird mail client including information leaks, unintended JavaScript execution and sender address spoofing. For Debian 7 last seen 2020-03-17 modified 2017-12-28 plugin id 105465 published 2017-12-28 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105465 title Debian DLA-1223-1 : thunderbird security update NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0009_THUNDERBIRD.NASL description The remote NewStart CGSL host, running version MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - It is possible to spoof the sender last seen 2020-06-01 modified 2020-06-02 plugin id 127156 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127156 title NewStart CGSL MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0009) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_6A09C80E6EC7442ABC65D72CE69FD887.NASL description Mozilla Foundation reports : CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin CVE-2017-7847: Local path string can be leaked from RSS feed CVE-2017-7848: RSS Feed vulnerable to new line Injection CVE-2017-7829: Mailsploit part 1: From address with encoded null character is cut off in message header display last seen 2020-06-01 modified 2020-06-02 plugin id 105450 published 2017-12-26 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105450 title FreeBSD : mozilla -- multiple vulnerabilities (6a09c80e-6ec7-442a-bc65-d72ce69fd887)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://www.securityfocus.com/bid/102258
- http://www.securitytracker.com/id/1040123
- https://access.redhat.com/errata/RHSA-2018:0061
- https://bugzilla.mozilla.org/show_bug.cgi?id=1411699
- https://lists.debian.org/debian-lts-announce/2017/12/msg00026.html
- https://www.debian.org/security/2017/dsa-4075
- https://www.mozilla.org/security/advisories/mfsa2017-30/