Kaspersky LabKLA10584KLA10584 Multiple vulnerabilities in Mozilla products
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.052 Low
EPSS
Percentile
92.9%
Detect date:
05/12/2015
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information.
Affected products:
Mozilla Firefox versions earlier than 38.0
Mozilla Firefox ESR versions earlier than 31.7
Mozilla Thunderbird versions earlier than 31.7
Solution:
Update to the latest version
Get Thunderbird
Get Firefox
Original advisories:
Mozilla Foundation Security Advisory
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-08336.9High
CVE-2015-27106.8High
CVE-2015-27184.3Warning
CVE-2015-27156.8High
CVE-2015-27142.1Warning
CVE-2015-27167.5Critical
CVE-2015-27114.3Warning
CVE-2015-27097.5Critical
CVE-2015-27204.4Warning
CVE-2015-07976.8High
CVE-2015-27176.8High
CVE-2015-27127.5Critical
CVE-2015-27136.8High
CVE-2015-27087.5Critical
CVE-2015-44969.3Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2711
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2714
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2717
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2718
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2720
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4496
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
threats.kaspersky.com/en/product/Mozilla-Thunderbird/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/
www.mozilla.org/en-US/thunderbird/
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.052 Low
EPSS
Percentile
92.9%