Kaspersky LabKLA12029KLA12029 Multiple vulnerabilities in Mozilla Firefox
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.1%
Detect date:
12/15/2020
Severity:
Warning
Description:
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service, execute arbitrary code.
Affected products:
Mozilla Firefox earlier than 84
Solution:
Update to the latest version
Download Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2020-160426.5High
CVE-2020-269756.5High
CVE-2020-351114.3Warning
CVE-2020-351128.8Critical
CVE-2020-269766.5High
CVE-2020-269776.5High
CVE-2020-269748.8Critical
CVE-2020-351148.8Critical
CVE-2020-269729.8Critical
CVE-2020-269718.8Critical
CVE-2020-351138.8Critical
CVE-2020-269796.1High
CVE-2020-269786.1High
CVE-2020-269738.8Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26971
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26972
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26973
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26977
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35114
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2020-54/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.1%