Kaspersky LabKLA11982KLA11982 Multiple vulnerabilitieis in Mozilla Firefox
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.6%
Detect date:
10/20/2020
Severity:
Warning
Description:
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code.
Affected products:
Mozilla Firefox earlier than 82
Solution:
Update to the latest version
Download Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2020-159698.8Critical
CVE-2020-156826.5High
CVE-2020-152549.8Critical
CVE-2020-156805.3High
CVE-2020-156817.5Critical
CVE-2020-156839.8Critical
CVE-2020-156849.8Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15254
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15680
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15683
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15684
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2020-45/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.6%