KLA11150
Multiple vulnerabilities in Mozilla Firefox
Updated: 12/05/2017
CVSS
?
7.5
Detect date
?
11/29/2017
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information.

  1. A vulnerability in IndexedDB component can be exploited remotelly to obtain sensitive information;
  2.  A rendering of external SVG images and anchor links can be exploited remotelly to obtain sensitive information;

Technical details

Vulnerability(2) only affects Mozilla Firefox 57.

NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.

Affected products

Mozilla Firefox versions earlier then 57.0.1

Solution

Update to the latest version
Download Mozilla Firefox

Original advisories

Mozilla Foundation Security Advisory 2017-27

Impacts
?
OSI 
[?]
Related products
Mozilla Firefox
CVE-IDS
?

CVE-2017-7844
CVE-2017-7843