Kaspersky LabKLA11439KLA11439 Multiple vulnerabilities in Mozilla Firefox
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.168 Low
EPSS
Percentile
95.9%
Detect date:
03/19/2019
Severity:
Critical
Description:
Multiple vulnerabilities was found in Mozilla Firefox. Malicious users can exploit this vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, gain privileges and spoof user interface.
Exploitation:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Affected products:
Mozilla Firefox earlier than 66
Solution:
Update to the latest version
Download Mozilla Firefox
Original advisories:
Mozilla Foundation Security Advisory 2019-07
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2019-97907.5Critical
CVE-2019-97917.5Critical
CVE-2019-97927.5Critical
CVE-2019-97934.3Warning
CVE-2019-97947.5Critical
CVE-2019-97957.5Critical
CVE-2019-97967.5Critical
CVE-2019-97975.0Warning
CVE-2019-97985.8High
CVE-2019-97995.0Warning
CVE-2019-98015.0Warning
CVE-2019-98025.0Warning
CVE-2019-98035.8High
CVE-2019-98047.5Critical
CVE-2019-98057.5Critical
CVE-2019-98065.0Warning
CVE-2019-98074.3Warning
CVE-2019-98095.0Warning
CVE-2019-98085.0Warning
CVE-2019-97897.5Critical
CVE-2019-97887.5Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9809
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2019-07/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.168 Low
EPSS
Percentile
95.9%