..
Click anywhere to stop
Click anywhere to stop
Detect date
?
|
11/14/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, perform cross-site scripting, gain privileges and execute arbitrary code.
Technical details Vulnerability (8) only affects Firefox for OS X and Linux. Other operating systems are not affected. Vulnerability (13) only affects Mozilla Firefox 56 and Firefox ESR 52.4. Vulnerability (7) occurs in redirecting from HTTPS to HTTP Vulnerabilities 1,2,13 are related to Mozilla Firefox ESR. All vulnerabilities are related to Mozilla Firefox. NB: This vulnerabilities does not have any public CVSS rating, so rating can be changed by the time. |
Affected products
|
Mozilla Firefox versions earlier than 57 |
Solution
|
Update to the latest version |
Original advisories
|
Mozilla Foundation Security Advisory 2017-24 |
Impacts
?
|
ACE [?] DoS [?] SB [?] PE [?] XSS/CSS [?] SUI [?] |
Related products
|
Mozilla Firefox Mozilla Firefox ESR |
CVE-IDS
?
|
CVE-2017-78287.5Critical CVE-2017-78304.3Warning CVE-2017-78315.0Warning CVE-2017-78325.0Warning CVE-2017-78335.0Warning CVE-2017-78344.3Warning CVE-2017-78357.5Critical CVE-2017-78364.6Warning CVE-2017-78375.0Warning CVE-2017-78385.0Warning CVE-2017-78394.3Warning CVE-2017-78404.3Warning CVE-2017-78425.0Warning |
Find out the statistics of the vulnerabilities spreading in your region |