Lucene search

K

Kaspersky LabKLA11516

HistoryJul 09, 2019 - 12:00 a.m.

KLA11516 Multiple vulnerabilities in Mozilla Firefox ESR

2019-07-0900:00:00

Kaspersky Lab

threats.kaspersky.com

30

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.722 High

EPSS

Percentile

98.0%

Detect date:

07/09/2019

Severity:

Critical

Description:

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code.

Affected products:

Mozilla Firefox ESR earlier than 60.8

Solution:

Update to the latest version
Download Mozilla Firefox ESR

Original advisories:

Impacts:

ACE

Related products:

Mozilla Firefox ESR

CVE-IDS:

CVE-2019-98115.1High
CVE-2019-117116.8High
CVE-2019-117126.8High
CVE-2019-117137.5Critical
CVE-2019-117295.0Warning
CVE-2019-117154.3Warning
CVE-2019-117175.0Warning
CVE-2019-117195.0Warning
CVE-2019-117304.3Warning
CVE-2019-117097.5Critical

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/

www.mozilla.org/en-US/firefox/organizations/all/

www.mozilla.org/en-US/security/advisories/mfsa2019-22/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.722 High

EPSS

Percentile

98.0%