Дата обнаружения
|
14/11/2017 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, perform cross-site scripting, gain privileges and execute arbitrary code.
Technical details Vulnerability (8) only affects Firefox for OS X and Linux. Other operating systems are not affected. Vulnerability (13) only affects Mozilla Firefox 56 and Firefox ESR 52.4. Vulnerability (7) occurs in redirecting from HTTPS to HTTP Vulnerabilities 1,2,13 are related to Mozilla Firefox ESR. All vulnerabilities are related to Mozilla Firefox. NB: This vulnerabilities does not have any public CVSS rating, so rating can be changed by the time. |
Пораженные продукты
|
Mozilla Firefox versions earlier than 57 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Mozilla Foundation Security Advisory 2017-24 Mozilla Foundation Security Advisory 2017-25 |
Оказываемое влияние
?
|
ACE
[?]
DoS
[?]
SB
[?]
PE
[?]
XSS/CSS
[?]
SUI
[?]
|
Связанные продукты
|
Mozilla Firefox Mozilla Firefox ESR |
CVE-IDS
|
CVE-2017-78287.5Critical CVE-2017-78304.3Warning CVE-2017-78315.0Critical CVE-2017-78325.0Critical CVE-2017-78335.0Critical CVE-2017-78344.3Warning CVE-2017-78357.5Critical CVE-2017-78364.6Warning CVE-2017-78375.0Critical CVE-2017-78385.0Critical CVE-2017-78394.3Warning CVE-2017-78404.3Warning CVE-2017-78425.0Critical |
Узнай статистику распространения уязвимостей в твоем регионе |