Lucene search

Kaspersky LabKLA10689

HistoryNov 03, 2015 - 12:00 a.m.

KLA10689 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

2015-11-0300:00:00

Kaspersky Lab

threats.kaspersky.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.091 Low

EPSS

Percentile

94.5%

JSON

Detect date:

11/03/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code or obtain sensitive information.

Affected products:

Mozilla Firefox versions earlier than 42
Mozilla Firefox ESR versions earlier than 38.4

Solution:

Update to the latest version
Get Firefox ESR
Get Firefox

Original advisories:

Mozilla foundation security advisories

Impacts:

ACE

Related products:

Mozilla Firefox

CVE-IDS:

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4513

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4514

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4515

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4518

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7185

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7186

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7187

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7188

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7189

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7190

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7191

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7192

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7193

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7194

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7195

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7196

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7197

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7198

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7199

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7200

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/

threats.kaspersky.com/en/product/Mozilla-Firefox/

www.mozilla.org/en-US/firefox/new/

www.mozilla.org/en-US/firefox/organizations/all/

www.mozilla.org/en-US/security/advisories/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.091 Low

EPSS

Percentile

94.5%

JSON

Related for KLA10689