Kaspersky LabKLA10672KLA10672 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.146 Low
EPSS
Percentile
95.7%
Detect date:
09/22/2015
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, impact local files, execute arbitrary code or obtain sensitive information.
Affected products:
Mozilla Firefox versions earlier than 41
Mozilla Firefox ESR versions earlier than 38.3
Solution:
Update to the latest version
Get Firefox ESR
Get Firefox
Original advisories:
Mozilla Foundation security advisories
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-73274.3Warning
CVE-2015-71807.5Critical
CVE-2015-71797.5Critical
CVE-2015-71787.5Critical
CVE-2015-71777.5Critical
CVE-2015-71767.5Critical
CVE-2015-71757.5Critical
CVE-2015-71747.5Critical
CVE-2015-45227.5Critical
CVE-2015-45217.5Critical
CVE-2015-45206.4High
CVE-2015-45194.3Warning
CVE-2015-45177.5Critical
CVE-2015-45169.3Critical
CVE-2015-45126.4High
CVE-2015-45116.8High
CVE-2015-45106.8High
CVE-2015-45097.5Critical
CVE-2015-45082.6Warning
CVE-2015-45075.1High
CVE-2015-45066.8High
CVE-2015-45056.6High
CVE-2015-45046.4High
CVE-2015-45035.0Critical
CVE-2015-45024.3Warning
CVE-2015-45017.5Critical
CVE-2015-45007.5Critical
CVE-2015-44764.3Warning
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4501
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4502
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4504
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4505
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4507
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4508
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4510
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4512
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4516
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7178
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7179
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7327
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/firefox/organizations/all/
www.mozilla.org/en-US/security/advisories/
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.146 Low
EPSS
Percentile
95.7%