Multiple vulnerabilities in Mozilla Firefox

Descripción

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A vulnerability can be exploited remotely to execute arbitrary code;
2. Multiple use-after-free vulnerabilities can be exploited remotely to cause denial of service;
3. A vulnerability can be exploited remotely to perform cross-site scripting attacks;
4. A type confusion vulnerability can be exploited to cause denial of service;
5. A sandbox escape vulnerability can be exploited to bypass security restrictions;
6. A same-origin policy violation vulnerability can be exploited to bypass security restrictions;
7. Multiple race condition vulnerabilities in Mozilla Maintenance Service can be exploited to gain privileges;
8. Multiple memory corruption vulnerabilities can be exploited to execute arbitrary code;
9. A vulnerability in WebRTC can be exploited to bypass security restrictions;
10. An out-of-bounds read vulnerability in Skia can be exploited to obtain sensitive information;
11. A cross-origin access vulnerability can be exploited to bypass security restrictions;

Notas informativas originales

• mfsa2019-25

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Mozilla-Firefox

Lista CVE

• CVE-2019-11751
  critical
• CVE-2019-11752
  critical
• CVE-2019-11735
  critical
• CVE-2019-11746
  critical
• CVE-2019-9812
  critical
• CVE-2019-11750
  high
• CVE-2019-11742
  high
• CVE-2019-11738
  high
• CVE-2019-11749
  warning
• CVE-2019-11753
  critical
• CVE-2019-11736
  high
• CVE-2019-11748
  high
• CVE-2019-11740
  critical
• CVE-2019-11747
  high
• CVE-2019-11744
  high
• CVE-2019-11743
  warning
• CVE-2019-11734
  critical
• CVE-2019-11741
  high
• CVE-2019-11737
  high
• CVE-2019-5849
  critical
• CVE-2019-11758
  critical

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com