CVE-2017-7789

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1074642
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/
• http://www.securityfocus.com/bid/100374
• http://www.securitytracker.com/id/1039124
• https://www.mozilla.org/security/advisories/mfsa2017-18/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2017-18

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-7798
• CVE-2017-7800
• CVE-2017-7801
• CVE-2017-7809
• CVE-2017-7784
• CVE-2017-7802
• CVE-2017-7785
• CVE-2017-7786
• CVE-2017-7806
• CVE-2017-7753
• CVE-2017-7787
• CVE-2017-7807
• CVE-2017-7792
• CVE-2017-7804
• CVE-2017-7791
• CVE-2017-7808
• CVE-2017-7782
• CVE-2017-7781
• CVE-2017-7794
• CVE-2017-7803
• CVE-2017-7799
• CVE-2017-7783
• CVE-2017-7788
• CVE-2017-7789
• CVE-2017-7790
• CVE-2017-7796
• CVE-2017-7797
• CVE-2017-7780
• CVE-2017-7779

Frequently Asked Questions

• What is the severity of CVE-2017-7789?

  CVE-2017-7789 is considered a moderate severity vulnerability affecting Firefox versions up to 55.

• How do I fix CVE-2017-7789?

  To fix CVE-2017-7789, users should upgrade to Mozilla Firefox version 56 or later.

• What does CVE-2017-7789 affect?

  CVE-2017-7789 affects Mozilla Firefox versions prior to 56, specifically relating to Strict-Transport-Security headers.

• What happens if two STS headers are sent according to CVE-2017-7789?

  If a server sends two Strict-Transport-Security headers, they will be rejected as invalid and HSTS will not be enabled.

• Is there a workaround for CVE-2017-7789?

  There is no specific workaround for CVE-2017-7789 other than upgrading to a secure version of Firefox.