A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5454 Acknowledgements: Name: the Mozilla project Upstream: Haik Aftandilian
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1106
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:1201 https://access.redhat.com/errata/RHSA-2017:1201