KLA11150
Multiple vulnerabilities in Mozilla Firefox
Обновлено: 05/12/2017
CVSS
7.5
Дата обнаружения
29/11/2017
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information.

  1. A vulnerability in IndexedDB component can be exploited remotelly to obtain sensitive information;
  2.  A rendering of external SVG images and anchor links can be exploited remotelly to obtain sensitive information;

Technical details

Vulnerability(2) only affects Mozilla Firefox 57.

NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.

Пораженные продукты

Mozilla Firefox versions earlier then 57.0.1

Решение

Update to the latest version
Download Mozilla Firefox

Первичный источник обнаружения
Mozilla Foundation Security Advisory 2017-27
Оказываемое влияние
?
OSI 
[?]
Связанные продукты
Mozilla Firefox
CVE-IDS

CVE-2017-7844
CVE-2017-7843