Kaspersky LabKLA10969KLA10969 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.924 High
EPSS
Percentile
98.9%
Detect date:
03/07/2017
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code, cause a denial of service and gain privileges.
Affected products:
Mozilla Firefox versions earlier than 52.0
Mozilla Firefox ESR versions earlier than 45.8.0
Solution:
Update to latest version
Mozilla Firefox ESR
Mozilla Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2017-54065.0Warning
CVE-2017-54074.3Warning
CVE-2017-54107.5Critical
CVE-2017-54115.0Warning
CVE-2017-54085.0Warning
CVE-2017-54125.0Warning
CVE-2017-54137.5Critical
CVE-2017-54144.9Warning
CVE-2017-54165.0Warning
CVE-2017-54255.0Warning
CVE-2017-54265.0Warning
CVE-2017-54185.0Warning
CVE-2017-54197.8Critical
CVE-2017-54055.0Warning
CVE-2017-54215.0Warning
CVE-2017-54225.0Warning
CVE-2017-54007.5Critical
CVE-2017-54017.5Critical
CVE-2017-54027.5Critical
CVE-2017-54037.5Critical
CVE-2017-54047.5Critical
CVE-2017-54093.6Warning
CVE-2017-54155.0Warning
CVE-2017-54175.0Warning
CVE-2017-54271.9Warning
CVE-2017-54204.3Warning
Exploitation:
Public exploits exist for this vulnerability.
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5403
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5406
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5411
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5419
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5420
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5421
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5425
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5426
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5427
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/firefox/organizations/all/
www.mozilla.org/en-US/security/advisories/mfsa2017-05/
www.mozilla.org/en-US/security/advisories/mfsa2017-06/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.924 High
EPSS
Percentile
98.9%