Kaspersky LabKLA11691KLA11691 Multiple vulnerabilities in Mozilla Firefox
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.526 Medium
EPSS
Percentile
97.5%
Detect date:
02/12/2020
Severity:
High
Description:
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to inject malicious code, cause denial of service, obtain sensitive information, execute arbitrary code, read local files.
Exploitation:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Affected products:
Mozilla Firefox earlier than 74
Solution:
Update to the latest version
Download Mozilla Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2019-205034.3Warning
CVE-2020-68066.8High
CVE-2020-68125.0Warning
CVE-2020-68147.5Critical
CVE-2020-68076.8High
CVE-2020-68116.8High
CVE-2020-68056.8High
CVE-2020-68104.3Warning
CVE-2020-68084.3Warning
CVE-2020-68135.0Warning
CVE-2020-68157.5Critical
CVE-2020-68095.0Warning
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6809
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6815
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2020-08/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.526 Medium
EPSS
Percentile
97.5%