Kaspersky ID:
KLA73803
Дата обнаружения:
01/10/2024
Обновлено:
03/10/2024

Описание

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, perform cross-site scripting attack, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Security vulnerability in Clipboard can be exploited to bypass security restrictions.
  2. Security UI vulnerability can be exploited to spoof user interface.
  3. Validation of untrusted input vulnerability in new tab page can be exploited to bypass security restrictions.
  4. Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
  5. Memory safety vulnerability can be exploited to execute arbitrary code.
  6. Memory corruption vulnerability can be exploited to cause a denial of service.
  7. Type confusion vulnerability in WebTransport can be exploited to cause denial of service.
  8. Cross-site scripting (XSS) vulnerability for Android can be exploited to perform cross-site scripting attack.
  9. Memory corruption vulnerability that occurs when reading from memory at a specific point during JIT compilation can be exploited to cause a denial of service.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2024-8900
    warning
  • CVE-2024-9397
    unknown
  • CVE-2024-9398
    unknown
  • CVE-2024-9392
    unknown
  • CVE-2024-9402
    unknown
  • CVE-2024-9396
    unknown
  • CVE-2024-9399
    unknown
  • CVE-2024-9393
    unknown
  • CVE-2024-9401
    unknown
  • CVE-2024-9394
    unknown
  • CVE-2024-9400
    unknown

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.