KLA11545
Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, perform cross-site scripting attack, bypass security restrictions, gain privileges.

Below is a complete list of vulnerabilities:

1. A vulnerability can be exploited remotely to execute arbitrary code;
2. Multiple memory corruption vulnerabilities can be exploited to execute arbitrary code;
3. A vulnerability can be exploited remotely to perform cross-site scripting attacks;
4. A sandbox escape vulnerability can be exploited to bypass security restrictions;
5. A type confusion vulnerability can be exploited to cause denial of service;
6. A same-origin policy violation vulnerability can be exploited to bypass security restrictions;
7. Multiple race condition vulnerabilities in Mozilla Maintenance Service can be exploited to gain privileges;
8. A vulnerability in WebRTC can be exploited to bypass security restrictions;
9. Multiple use-after-free vulnerabilities can be exploited remotely to cause denial of service;
10. A cross-origin access vulnerability can be exploited to bypass security restrictions;

Mozilla Firefox earlier than 60.9
Mozilla Firefox earlier than 68.1

Update to the latest version
Download Mozilla Firefox ESR