Дата обнаружения
|
28/09/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, obtain sensitive information and perform cross-site scripting. Below is complete list of vulnerabilities:
Technical details Vulnerability (2) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (3) occurs in design mode while resizing images. Vulnerability (7) only affects OS X operating system. Other operating systems are not affected. Vulnerability (14) only affects Firefox for Android. Other operating systems are not affected. Vulnerability (15) only affects installations with e10 multiprocess turned off. Vulnerabilities 1-9 are related to Mozilla Firefox ESR. All vulnerabilities are related to Mozilla Firefox. NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative. NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time. NB: At this moment Mozilla has just reserved CVE numbers for these vulnerabilities. Information can be changed soon. |
Пораженные продукты
|
Mozilla Firefox versions earlier than 56 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
MSFA 2017-22 MSFA 2017-21 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
SB
[?]
RLF
[?]
XSS/CSS
[?]
SUI
[?]
|
Связанные продукты
|
Mozilla Firefox Mozilla Firefox ESR |
CVE-IDS
|
CVE-2017-77937.5Critical CVE-2017-78187.5Critical CVE-2017-78197.5Critical CVE-2017-78247.5Critical CVE-2017-78055.0Critical CVE-2017-78146.8High CVE-2017-78255.0Critical CVE-2017-78234.3Warning CVE-2017-78175.0Critical CVE-2017-78125.0Critical CVE-2017-78136.4High CVE-2017-78155.0Critical CVE-2017-78165.0Critical CVE-2017-78217.5Critical CVE-2017-78225.0Critical CVE-2017-78205.0Critical |
Узнай статистику распространения уязвимостей в твоем регионе |