Kaspersky Threats

Detect date

?

07/09/2019

Severity

?

Critical

Description

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

Multiple sandbox escape vulnerabilities can be exploited to bypass security restrictions;
A CORS bypass vulnerability can be exploited to bypass security restrictions;
An use-after-free vulnerability can be exploited to cause denial of service;
A race condition vulnerability can be exploited to cause denial of service;
A HTML parsing error can be exploited to perform cross-site scripting attack;
An improper escape issue can be exploited to spoof user interface;
A vulnerabilitiy can be exploited to obtain sensitive information;
An out-of-bounds read vulnerabilitiy can be exploited to obtain sensitive information;
A character encoding issue can be exploited to perform cross-site scripting attack;
A vulnerability can be exploited to spoof user interface;
A same-origin policy issue can be exploited to obtain sensitive information;
A cookie leakage can be exploited to obtain sensitive information;
Multiple vulnerabilities can be exploited to bypass security restrictions
Multiple memory corruptions vulnerabilities can be exploited remotely to execute arbitrary code.

Affected products

Mozilla Firefox earlier than 68

Solution

Update to the latest version
Download Mozilla Firefox

Original advisories

mfsa2019-21

Impacts

?

ACE

[?]

OSI

[?]

DoS

[?]

SB

[?]

XSS/CSS

[?]

SUI

[?]

Related products

Mozilla Firefox

CVE-IDS

?

CVE-2019-98115.1High
CVE-2019-117116.8High
CVE-2019-117126.8High
CVE-2019-117137.5Critical
CVE-2019-117147.5Critical
CVE-2019-117295.0Critical
CVE-2019-117154.3Warning
CVE-2019-117167.5Critical
CVE-2019-117175.0Critical
CVE-2019-117185.0Critical
CVE-2019-117195.0Critical
CVE-2019-117204.3Warning
CVE-2019-117214.3Warning
CVE-2019-117304.3Warning
CVE-2019-117235.0Critical
CVE-2019-117245.8High
CVE-2019-117254.0Warning
CVE-2019-117275.0Critical
CVE-2019-117284.3Warning
CVE-2019-117107.5Critical
CVE-2019-117097.5Critical

Find out the statistics of the vulnerabilities spreading in your region

Detect date ?	07/09/2019
Severity ?	Critical
Description	Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: Multiple sandbox escape vulnerabilities can be exploited to bypass security restrictions; A CORS bypass vulnerability can be exploited to bypass security restrictions; An use-after-free vulnerability can be exploited to cause denial of service; A race condition vulnerability can be exploited to cause denial of service; A HTML parsing error can be exploited to perform cross-site scripting attack; An improper escape issue can be exploited to spoof user interface; A vulnerabilitiy can be exploited to obtain sensitive information; An out-of-bounds read vulnerabilitiy can be exploited to obtain sensitive information; A character encoding issue can be exploited to perform cross-site scripting attack; A vulnerability can be exploited to spoof user interface; A same-origin policy issue can be exploited to obtain sensitive information; A cookie leakage can be exploited to obtain sensitive information; Multiple vulnerabilities can be exploited to bypass security restrictions Multiple memory corruptions vulnerabilities can be exploited remotely to execute arbitrary code.
Affected products	Mozilla Firefox earlier than 68
Solution	Update to the latest version Download Mozilla Firefox
Original advisories	mfsa2019-21
Impacts ?	ACE [?] OSI [?] DoS [?] SB [?] XSS/CSS [?] SUI [?]
Related products	Mozilla Firefox
CVE-IDS ?	CVE-2019-98115.1High CVE-2019-117116.8High CVE-2019-117126.8High CVE-2019-117137.5Critical CVE-2019-117147.5Critical CVE-2019-117295.0Critical CVE-2019-117154.3Warning CVE-2019-117167.5Critical CVE-2019-117175.0Critical CVE-2019-117185.0Critical CVE-2019-117195.0Critical CVE-2019-117204.3Warning CVE-2019-117214.3Warning CVE-2019-117304.3Warning CVE-2019-117235.0Critical CVE-2019-117245.8High CVE-2019-117254.0Warning CVE-2019-117275.0Critical CVE-2019-117284.3Warning CVE-2019-117107.5Critical CVE-2019-117097.5Critical
	Find out the statistics of the vulnerabilities spreading in your region

KLA11515Multiple vulnerabilities in Mozilla Firefox

KLA11515
Multiple vulnerabilities in Mozilla Firefox