CVE-2017-7836 log

Severity Medium
Remote No
Type Privilege escalation
The "pingsender" executable used by the Firefox Health Report before 57.0 dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. This attack requires an attacker have local system access.
Group Package Affected Fixed Severity Status Ticket
AVG-494 firefox 56.0.2-1 57.0-1 Critical Fixed
Date Advisory Group Package Severity Type
15 Nov 2017 ASA-201711-23 AVG-494 firefox Critical multiple issues