Kaspersky ID:
KLA73124
Дата обнаружения:
03/09/2024
Обновлено:
05/09/2024

Описание

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, cause denial of service, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

  1. Memory safety vulnerability can be exploited to execute arbitrary code.
  2. Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
  3. Type confusion vulnerability when looking up a property name in a «with» block can be exploited to cause denial of service.
  4. Type confusion vulnerability in WASM can be exploited to cause denial of service.
  5. Security vulnerability can be exploited to bypass security restrictions.
  6. Security UI vulnerability can be exploited to spoof user interface.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2024-8387
    critical
  • CVE-2024-8383
    critical
  • CVE-2024-8381
    critical
  • CVE-2024-8385
    critical
  • CVE-2024-8386
    high
  • CVE-2024-8382
    critical
  • CVE-2024-8384
    critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.