Multiple vulnerabilities in Mozilla Firefox

Descripción

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Multiple sandbox escape vulnerabilities can be exploited to bypass security restrictions;
2. A CORS bypass vulnerability can be exploited to bypass security restrictions;
3. An use-after-free vulnerability can be exploited to cause denial of service;
4. A race condition vulnerability can be exploited to cause denial of service;
5. A HTML parsing error can be exploited to perform cross-site scripting attack;
6. An improper escape issue can be exploited to spoof user interface;
7. A vulnerabilitiy can be exploited to obtain sensitive information;
8. An out-of-bounds read vulnerabilitiy can be exploited to obtain sensitive information;
9. A character encoding issue can be exploited to perform cross-site scripting attack;
10. A vulnerability can be exploited to spoof user interface;
11. A same-origin policy issue can be exploited to obtain sensitive information;
12. A cookie leakage can be exploited to obtain sensitive information;
13. Multiple vulnerabilities can be exploited to bypass security restrictions
14. Multiple memory corruptions vulnerabilities can be exploited remotely to execute arbitrary code.

Notas informativas originales

• mfsa2019-21

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Mozilla-Firefox

Lista CVE

• CVE-2019-9811
  critical
• CVE-2019-11711
  critical
• CVE-2019-11712
  critical
• CVE-2019-11713
  critical
• CVE-2019-11714
  critical
• CVE-2019-11729
  critical
• CVE-2019-11715
  high
• CVE-2019-11716
  critical
• CVE-2019-11717
  high
• CVE-2019-11718
  high
• CVE-2019-11719
  critical
• CVE-2019-11720
  high
• CVE-2019-11721
  high
• CVE-2019-11730
  high
• CVE-2019-11723
  critical
• CVE-2019-11724
  high
• CVE-2019-11725
  high
• CVE-2019-11727
  high
• CVE-2019-11728
  warning
• CVE-2019-11710
  critical
• CVE-2019-11709
  critical

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com