Kaspersky LabKLA11942KLA11942 Multiple vulnerabilities in Mozilla Firefox
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.8%
Detect date:
08/25/2020
Severity:
Warning
Description:
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, spoof user interface.
Affected products:
Mozilla Firefox earlier than 80
Solution:
Update to the latest version
Download Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2020-156666.5High
CVE-2020-156684.3Warning
CVE-2020-124004.7Warning
CVE-2020-156638.8Critical
CVE-2020-156654.3Warning
CVE-2020-156646.5High
CVE-2020-124014.7Warning
CVE-2020-156708.8Critical
CVE-2020-68295.3High
CVE-2020-156678.8Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12400
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15670
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6829
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2020-36/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.8%