Kaspersky LabKLA11545KLA11545 Multiple vulnerabilities in Mozilla Firefox ESR
9.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H
8.9 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.6%
Detect date:
09/03/2019
Severity:
Critical
Description:
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, perform cross-site scripting attack, bypass security restrictions, gain privileges.
Affected products:
Mozilla Firefox earlier than 60.9
Mozilla Firefox earlier than 68.1
Solution:
Update to the latest version
Download Mozilla Firefox ESR
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2019-117516.8High
CVE-2019-117529.3Critical
CVE-2019-117356.8High
CVE-2019-117466.8High
CVE-2019-98125.8High
CVE-2019-117504.3Warning
CVE-2019-117424.3Warning
CVE-2019-117386.8High
CVE-2019-117494.3Warning
CVE-2019-117534.6Warning
CVE-2019-117364.4Warning
CVE-2019-117484.3Warning
CVE-2019-117406.8High
CVE-2019-117474.3Warning
CVE-2019-117444.3Warning
CVE-2019-117434.3Warning
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11750
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11751
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/
www.mozilla.org/en-US/firefox/organizations/all/
www.mozilla.org/en-US/security/advisories/mfsa2019-26/
www.mozilla.org/en-US/security/advisories/mfsa2019-27/
Related
9.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H
8.9 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.6%