Kaspersky Threats — A página que você está procurando não foi encontrada.<br>Mas você pode ver nossas mais recentes vulnerabilidades e ameaças descritas.

Descrição

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, perform cross-site scripting attack, obtain sensitive information, cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in the Remote Debugging via USB feature for Android can exploited to gain privileges.
A cross-site-scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
A side-channel information leakage vulnerability in graphics component can be exploited to obtain sensitive information.
A heap buffer overflow vulnerability in Freetype can be exploited to cause denial of service.
A security UI vulnerability in fullscreen mode can be exploited remotely to obtain sensitive information and spoof user interface.
A memory safety vulnerability can be exploited to to cause denial of service and execute arbitrary code.
A denial of service vulnerability in History and Location interfaces can be exploited to potentially cause denial of service.
A security bypass vulnerability in DoH can be exploited to security bypass restrictions.
A security bypass vulnerability in Screenshoot mode can be exploited to bypass securty restrictions.
A security bypass vulnerability in OneCRL for Android can be exploited to cause denial of service.
A security UI vulnerability in fullscreen mode for Android can be exploited to spoof user interface and perform cross-site scripting attack.
A use after free vulnerability in nsTArray can be exploited to potentially cause denial of service or execute arbitrary code.
A security bypass vulnerability in “Show Password” feature can be exploited to bypass security restrictions and obtain sensitive information.
A use after free vulnerability in WebRequestService can be exploited to cause denial of service.
A memory corruption vulnerability in JIT compilation can be exploited to potentially cause denial of service.
A security vulnerability in mDNS request for Windows can be exploited to obtain sensitive information.
A security bypass vulnerability in ServiceWorker can be exploited to bypass security restrictions and perform cross-site scripting attack.
A security vulnerability in cookies can be exploited to obtain sensitive information.

Comunicados originais

MFSA2020-51

Exploração

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Produtos relacionados

Mozilla-Firefox-ESR

Lista de CVE

CVE-2020-15999
critical
CVE-2020-16012
warning
CVE-2020-26964
high
CVE-2020-26951
high
CVE-2020-26953
warning
CVE-2020-26956
high
CVE-2020-26962
high
CVE-2020-26968
critical
CVE-2020-26963
warning
CVE-2020-26961
high
CVE-2020-26967
high
CVE-2020-26957
high
CVE-2020-26954
warning
CVE-2020-26969
critical
CVE-2020-26960
critical
CVE-2020-26965
high
CVE-2020-26959
critical
CVE-2020-26952
critical
CVE-2020-26966
high
CVE-2020-26958
high
CVE-2020-26955
high

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com

Encontrou uma imprecisão na descrição desta vulnerabilidade? Avise-nos!