Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Описание

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service and obtain sensitive information.

1. A buffer overflow vulnerability in Direct 3D 9 component can be exploited remotely to cause denial of service;
2. A vulnerability in IndexedDB component can be exploited remotely to obtain sensitive information;

---

Technical details

Vulnerability(1) is related to Firefox and Firefox ESR for Windows OS, other operating systems are unaffected.

Vulnerability(2) is related to Mozilla Firefox ESR

Первичный источник обнаружения

• Mozilla Foundation Security Advisory 2017-29
  Mozilla Foundation Security Advisory 2017-28
  

Связанные продукты

• Mozilla-Firefox
• Mozilla-Firefox-ESR

Список CVE

• CVE-2017-7843
  warning
• CVE-2017-7845
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com