Kaspersky LabKLA12050KLA12050 Multiple vulnerabilities in Mozilla Firefox
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.3%
Detect date:
01/26/2021
Severity:
Warning
Description:
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information.
Affected products:
Mozilla Firefox earlier than 85
Solution:
Update to the latest version
Download Firefox
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2021-239556.1High
CVE-2021-239634.3Warning
CVE-2021-239608.8Critical
CVE-2021-239617.4High
CVE-2021-239596.1High
CVE-2021-239648.8Critical
CVE-2021-239586.5High
CVE-2021-239566.5High
CVE-2021-239534.3Warning
CVE-2021-239628.8Critical
CVE-2021-239577.4High
CVE-2021-239658.8Critical
CVE-2021-239548.8Critical
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23953
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23959
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23965
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Mozilla-Firefox/
www.mozilla.org/en-US/firefox/new/
www.mozilla.org/en-US/security/advisories/mfsa2021-03/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.3%