KLA11505Incorrect parameters parsing vulnerability in Mozilla Firefox ESR

2019-06-20T00:00:00
ID KLA11505
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-05-22T00:00:00

Description

Detect date:

06/20/2019

Severity:

Warning

Description:

Vulnerability, related to insufficient vetting of parameters passed with the Prompt:Open IPC message was found in Mozilla Firefox. Malicious users can exploit this vulnerability via specially designed website to bypass security restrictions.

Affected products:

Mozilla Firefox ESR earlier than 60.7.2

Solution:

Update to the latest version

Original advisories:

mfsa2019-19

Impacts:

DoS

Related products:

Mozilla Firefox ESR

CVE-IDS:

CVE-2019-117080.0Unknown