KLA11590
Multiple vulnerabilities in Mozilla Firefox ESR
Updated: 05/22/2020
Detect date
?
10/22/2019
Severity
?
Critical
Description

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Vulnerability can be exploited to bypass security restrictions;
  2. Use-after-free vulnerability can be exploited to cause denial of service;
  3. Stack buffer overflow vulnerability can be exploited to cause denial of service;
  4. Vulnerability related to 360 Total Security can be exploited to execute arbitrary code;
  5. Vulnerability related to document.domain can be exploited to execute arbitrary code;
  6. Buffer overflow vulnerability in expat can be exploited to arbitrary code execution;
  7. Memory safety vulnerability can be exploited to execute arbitrary code;
  8. Vulnerability related to HTML parsing can be exploited remotely to bypass security restrictions;
Affected products

Mozilla Firefox earlier than 68.2

Solution

Update to the latest version
Download Mozilla Firefox ESR

Original advisories

Advisory 2019-33

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
Mozilla Firefox ESR
CVE-IDS
?
CVE-2019-159030.0Unknown
CVE-2019-117580.0Unknown
CVE-2019-117610.0Unknown
CVE-2019-117570.0Unknown
CVE-2019-117600.0Unknown
CVE-2019-117590.0Unknown
CVE-2019-117620.0Unknown
CVE-2019-117640.0Unknown
CVE-2019-117630.0Unknown