KLA11313
Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Обновлено: 03/06/2020

Дата обнаружения	05/09/2018
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: An use after free vulnerability in refresh driver timers can be exploited remotely to execute arbitrary code or cause denial of service; An use after free vulnerability in IndexedDB can be exploited remotely to execute arbitrary code or cause denial of service; An out-of-bounds write vulnerability in Mozilla Updater can be exploited remotely via malicious MAR file to execute arbitrary code or cause denial of service; Multiple memory corruptions vulnerabilities can be exploited remotely to execute arbitrary code.
Пораженные продукты	Mozilla Firefox earlier than 62 Mozilla Firefox ESR earlier than 60.2
Решение	Update to the latest version Download Mozilla Firefox Download Mozilla Firefox ESR
Первичный источник обнаружения	Mozilla Foundation Security Advisory 2018-20 Mozilla Foundation Security Advisory 2018-21
Оказываемое влияние ?	ACE [?] DoS [?] SB [?] PE [?]
Связанные продукты	Mozilla Firefox Mozilla Firefox ESR
CVE-IDS	CVE-2018-123777.5Critical CVE-2018-123787.5Critical CVE-2018-123794.6Warning CVE-2017-165414.3Warning CVE-2018-123815.0Critical CVE-2018-123825.0Critical CVE-2018-123832.1Warning CVE-2018-123756.8High CVE-2018-123767.5Critical CVE-2018-184994.3Warning
	Узнай статистику распространения уязвимостей в твоем регионе

KLA11313Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

KLA11313
Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR