Lucene search

K

Kaspersky LabKLA10723

HistoryDec 15, 2015 - 12:00 a.m.

KLA10723 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

2015-12-1500:00:00

Kaspersky Lab

threats.kaspersky.com

61

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

Detect date:

12/15/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information.

Affected products:

Mozilla Firefox versions earlier than 43
Mozilla Firefox ESR versions earlier than 38.5

Solution:

Update to the latest version
Get Firefox ESR
Get Firefox

Original advisories:

Mozilla Foundation Security Advisories

Impacts:

ACE

Related products:

Mozilla Firefox

CVE-IDS:

CVE-2015-72234.0Warning
CVE-2015-72046.8High
CVE-2015-72075.0Critical
CVE-2015-72085.0Critical
CVE-2015-72107.5Critical
CVE-2015-72115.0Critical
CVE-2015-72127.5Critical
CVE-2015-72136.8High
CVE-2015-72145.0Critical
CVE-2015-72155.0Critical
CVE-2015-72166.8High
CVE-2015-72174.3Warning
CVE-2015-72185.0Critical
CVE-2015-72195.0Critical
CVE-2015-72226.8High

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7204

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7207

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7208

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7210

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7211

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7212

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7213

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7214

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7215

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7216

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7217

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7218

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7219

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7222

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7223

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/

threats.kaspersky.com/en/product/Mozilla-Firefox/

www.mozilla.org/en-US/firefox/new/

www.mozilla.org/en-US/firefox/organizations/all/

www.mozilla.org/en-US/security/advisories/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

Related for KLA10723

freebsd2 ubuntu2 nessus36 archlinux2 openvas52 mageia4 redhat2 suse9 debian2 oraclelinux2 veracode6 centos2 mozilla14 ubuntucve17 cve17 prion17 debiancve1 gentoo1