Kaspersky Threats — Die Seite, die Sie aufgerufen haben konnte nicht gefunden werden.<br>Sie können sich aber hier über die aktuellsten Schwachstellen sowie über Schadsoftware informieren.

Beschreibung

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in the DOM: Core & HTML component can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in the WebRTC component can be exploited remotely to execute arbitrary code.
Denial of service vulnerability in the Audio/Video: Web Codecs component can be exploited remotely to cause denial of service.
Information disclosure vulnerability in the Graphics: Canvas2D component can be exploited to obtain sensitive information.
Security vulnerability in the Graphics: WebRender component can be exploited to bypass security restrictions.
Denial of service vulnerability in the WebRTC component can be exploited remotely to cause denial of service.
A remote code execution vulnerability in the JavaScript Engine component can be exploited remotely to execute arbitrary code.
Denial of service vulnerability in the JavaScript: WebAssembly component can be exploited remotely to cause denial of service.
A remote code execution vulnerability in the Widget: Cocoa component can be exploited remotely to execute arbitrary code.
Security vulnerability in the Networking component can be exploited to bypass security restrictions.
Security UI vulnerability in the DOM: Core & HTML component can be exploited to spoof user interface.
Security vulnerability in the File Handling component can be exploited to bypass security restrictions.
Denial of service vulnerability in the DOM: Device Interfaces component can be exploited remotely to cause denial of service.
Information disclosure vulnerability in the Form Autofill component can be exploited to obtain sensitive information.
Denial of service vulnerability in the Libraries component in NSS can be exploited remotely to cause denial of service.
Security vulnerability in the Debugger component can be exploited to bypass security restrictions.
Denial of service vulnerability in the Storage: IndexedDB component can be exploited remotely to cause denial of service.
Security vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
Denial of service vulnerability in the WebRTC: Networking component can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Firefox ESR 115 can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Firefox ESR 140 can be exploited remotely to execute arbitrary code.

Ursprüngliche Informationshinweise

MFSA2026-32

Betroffene Produkte

Mozilla-Firefox-ESR

CVE Liste

CVE-2026-6746
critical
CVE-2026-6747
critical
CVE-2026-6748
critical
CVE-2026-6749
critical
CVE-2026-6750
critical
CVE-2026-6751
high
CVE-2026-6752
high
CVE-2026-6753
unknown
CVE-2026-6754
critical
CVE-2026-6757
unknown
CVE-2026-6759
critical
CVE-2026-6761
critical
CVE-2026-6762
unknown
CVE-2026-6763
high
CVE-2026-6764
high
CVE-2026-6765
high
CVE-2026-6766
critical
CVE-2026-6767
high
CVE-2026-6769
critical
CVE-2026-6770
high
CVE-2026-6771
critical
CVE-2026-6772
critical
CVE-2026-6776
critical
CVE-2026-6785
unknown
CVE-2026-6786
unknown

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com

Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!