Description
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface, perform cross-site scripting attack, execute arbitrary code.
Below is a complete list of vulnerabilities:
- A type confusion vulnerability can be exploited remotely to bypass security restrictions;
- A cross-origin resource sharing vulnerability can be exploited remotely via a canvas to obtain sensitive information;
- A use-after-free vulnerability in crash generation server can be exploited remotely to cause denial of service or bypass security restrictions;
- A compartment mismatch vulnerability can be exploited to cause denial of service;
- A use-after-free vulnerability in the chrome event handler can be exploited to cause denial of service;
- A use-after-free vulnerability in AssertWorkerThread can be exploited to cause denial of service;
- A use-after-free vulnerability in XMLHttpRequest can be exploited to cause denial of service;
- A use-after-free vulnerability in the event listener manager can be exploited to cause denial of service;
- A use-after-free vulnerability in the png_image_free function in the libpng library can be exploited to cause denial of service;
- A memory leakage vulnerability in the Windows sandbox can be exploited to obtain sensitive information;
- An unspecified vulnerability can be exploited remotely via specially crafted website to spoof user interface;
- An unspecified vulnerability can be exploited remotely via drag and drop of hyperlinks to and from bookmarks to obtain sensitive information;
- An unspecified vulnerability can be exploited to spoof user interface;
- An unspecified vulnerability can be exploited to perform cross-site scripting attacks;
- Multiple memory corruption vulnerabilities can be exploited to execute arbitrary code.
Original advisories
Related products
CVE list
- CVE-2019-9816 warning
- CVE-2019-9817 warning
- CVE-2019-9818 high
- CVE-2019-9819 critical
- CVE-2019-9820 critical
- CVE-2019-9821 high
- CVE-2019-11691 critical
- CVE-2019-11692 critical
- CVE-2019-7317 warning
- CVE-2019-11694 warning
- CVE-2019-11695 warning
- CVE-2019-11696 high
- CVE-2019-11697 warning
- CVE-2019-11698 warning
- CVE-2019-11700 warning
- CVE-2019-11699 warning
- CVE-2019-11701 warning
- CVE-2019-9814 critical
- CVE-2019-9800 critical
- CVE-2019-9815 high
- CVE-2019-11693 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!