..
Click anywhere to stop
Click anywhere to stop
Detect date
?
|
09/28/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, obtain sensitive information and perform cross-site scripting. Below is complete list of vulnerabilities:
Technical details Vulnerability (2) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (3) occurs in design mode while resizing images. Vulnerability (7) only affects OS X operating system. Other operating systems are not affected. Vulnerability (14) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (15) only affects installations with e10 multiprocess turned off. Vulnerabilities 1-9 are related to Mozilla Firefox ESR. All vulnerabilities are related to Mozilla Firefox. NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative. NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time. NB: At this moment Mozilla has just reserved CVE numbers for these vulnerabilities. Information can be changed soon. |
Affected products
|
Mozilla Firefox versions earlier than 56 |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
ACE [?] OSI [?] DoS [?] SB [?] PE [?] RLF [?] XSS/CSS [?] SUI [?] |
Related products
|
Mozilla Firefox Mozilla Firefox ESR |
CVE-IDS
?
|
CVE-2017-77937.5Critical CVE-2017-78187.5Critical CVE-2017-78197.5Critical CVE-2017-78247.5Critical CVE-2017-78055.0Warning CVE-2017-78146.8High CVE-2017-78255.0Warning CVE-2017-78234.3Warning CVE-2017-78175.0Warning CVE-2017-78125.0Warning CVE-2017-78136.4High CVE-2017-78155.0Warning CVE-2017-78165.0Warning CVE-2017-78217.5Critical CVE-2017-78225.0Warning CVE-2017-78205.0Warning |
Find out the statistics of the vulnerabilities spreading in your region |