Lucene search

KLA10852 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

🗓️ 02 Aug 2016 00:00:00Reported by Kaspersky LabType

kaspersky🔗 threats.kaspersky.com👁 41 Views

Multiple vulnerabilities in Mozilla Firefox and ESR, allowing for denial of service, sensitive information theft, arbitrary code execution, user interface spoofing, bypassing security restrictions, cross-site scripting, and local file reading

Reporter	Title	Published	Views	Family All 199
ArchLinux	firefox: multiple issues	5 Aug 201600:00	–	archlinux
ArchLinux	thunderbird: arbitrary code execution	4 Sep 201600:00	–	archlinux
Tenable Nessus	Firefox < 48 Multiple Vulnerabilities (Mac OS X)	5 Aug 201600:00	–	nessus
Tenable Nessus	Firefox < 48 Multiple Vulnerabilities	5 Aug 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-937)	5 Aug 201600:00	–	nessus
Tenable Nessus	Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3044-1)	8 Aug 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-960)	11 Aug 201600:00	–	nessus
Tenable Nessus	FreeBSD : Mozilla -- multiple vulnerabilities (aa1aefe3-6e37-47db-bfda-343ef4acb1b5)	12 Sep 201600:00	–	nessus
Tenable Nessus	Firefox ESR 45.x < 45.3 Multiple Vulnerabilities	5 Aug 201600:00	–	nessus
Tenable Nessus	Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20160803)	4 Aug 201600:00	–	nessus

Source	Link
mozilla	www.mozilla.org/en-US/security/advisories
threats	www.threats.kaspersky.com/en/product/Mozilla-Firefox/
threats	www.threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
statistics	www.statistics.securelist.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Aug 2016 00:00Current

10High risk

Vulners AI Score10

CVSS27.5

CVSS39.8

EPSS0.04457

mozilla firefox; esr; denial of service; sensitive information; arbitrary code execution; user interface spoofing; security restrictions bypass; cross-site scripting; local file reading; remote exploitation; unknown vulnerabilities; buffer overflow; improper handling; use-after-free; websocket; webrtc; svg; cairo calls; api calls; updater; webrtc; sessions manager; integer overflow; drag-n-drop restrictions; gmp sandbox bypass; gecko media plugin; heap-based buffer overflow; stack-based buffer underflow; mozilla::gfx::basepoint4d; nsxulpopupmanager.