Multiple vulnerabilities in Mozilla Firefox

Описание

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Multiple sandbox escape vulnerabilities can be exploited to bypass security restrictions;
2. A CORS bypass vulnerability can be exploited to bypass security restrictions;
3. An use-after-free vulnerability can be exploited to cause denial of service;
4. A race condition vulnerability can be exploited to cause denial of service;
5. A HTML parsing error can be exploited to perform cross-site scripting attack;
6. An improper escape issue can be exploited to spoof user interface;
7. A vulnerabilitiy can be exploited to obtain sensitive information;
8. An out-of-bounds read vulnerabilitiy can be exploited to obtain sensitive information;
9. A character encoding issue can be exploited to perform cross-site scripting attack;
10. A vulnerability can be exploited to spoof user interface;
11. A same-origin policy issue can be exploited to obtain sensitive information;
12. A cookie leakage can be exploited to obtain sensitive information;
13. Multiple vulnerabilities can be exploited to bypass security restrictions
14. Multiple memory corruptions vulnerabilities can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• mfsa2019-21
  

Связанные продукты

• Mozilla-Firefox

Список CVE

• CVE-2019-9811
  high
• CVE-2019-11711
  high
• CVE-2019-11712
  high
• CVE-2019-11713
  critical
• CVE-2019-11714
  critical
• CVE-2019-11729
  warning
• CVE-2019-11715
  warning
• CVE-2019-11716
  critical
• CVE-2019-11717
  warning
• CVE-2019-11718
  warning
• CVE-2019-11719
  warning
• CVE-2019-11720
  warning
• CVE-2019-11721
  warning
• CVE-2019-11730
  warning
• CVE-2019-11723
  warning
• CVE-2019-11724
  high
• CVE-2019-11725
  warning
• CVE-2019-11727
  warning
• CVE-2019-11728
  warning
• CVE-2019-11710
  critical
• CVE-2019-11709
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com