Multiple vulnerabilities in Mozilla Firefox ESR

Описание

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, spoof user interface, cause denial of service.

Below is a complete list of vulnerabilities:

1. Memory safety vulnerability can be exploited to execute arbitrary code.
2. Security vulnerability can be exploited to bypass security restrictions.
3. Security vulnerability in Enhanced Tracking Protection’s Strict mode can be exploited to bypass security restrictions.
4. Security UI vulnerability in URL Bar can be exploited to spoof user interface.
5. Security UI vulnerability can be exploited to spoof user interface.
6. A remote code execution vulnerability in Executable File Confirmation Dialog can be exploited remotely to execute arbitrary code.
7. Denial of service vulnerability can be exploited remotely to cause denial of service.
8. Out of bounds memory write vulnerability in Apple GPU drivers can be exploited to cause denial of service.

Первичный источник обнаружения

• MFSA2024-64
  

Связанные продукты

• Mozilla-Firefox-ESR

Список CVE

• CVE-2024-11699
  critical
• CVE-2024-11696
  high
• CVE-2024-11694
  high
• CVE-2024-11695
  high
• CVE-2024-11693
  critical
• CVE-2024-11692
  warning
• CVE-2024-11697
  critical
• CVE-2024-11698
  critical
• CVE-2024-11691
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com