ID de Prueba:	1.3.6.1.4.1.25623.1.0.813357
Categoría:	General
Título:	Mozilla Firefox Security Updates(mfsa_2018-11_2018-12)-Windows
Resumen:	Mozilla Firefox is prone to multiple vulnerabilities.
Descripción:	Summary: Mozilla Firefox is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Use-after-free error with SVG animations, text paths and clip paths. - Multiple errors in PDF Viewer. - Integer overflow and out-of-bounds write errors in Skia. - Uninitialized memory use by WebRTC encoder. - WebExtensions information leak error through webRequest API. - Out-of-bounds read error in mixed content websocket messages. - Replacing cached data in JavaScript Start-up Bytecode Cache. - CSP not applied to all multipart content sent with multipart/x-mixed-replace. - WebExtension host permission bypass error through filterReponseData. - Improper linkification of chrome: and javascript: content in web console and JavaScript debugger. - Lightweight themes can be installed without user interaction. - Dragging and dropping link text onto home button can set home page to include chrome pages. - Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer. - File name spoofing of Downloads panel with Unicode characters. - Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update. - Universal CSP bypass error on sites using strict-dynamic in their policies. - An inpur validation error in JSON Viewer. - Buffer overflow error in XSLT during number formatting. - Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox. - Heap-use-after-free error in mozilla::WebGLContext::DrawElementsInstanced. - Memory safety bugs fixed in Firefox 60. Vulnerability Impact: Successful exploitation will allow attackers to cause denial of service condition, bypass security restrictions, execute arbitrary code and disclose sensitive information. Affected Software/OS: Mozilla Firefox version before 60 on Windows. Solution: Upgrade to Mozilla Firefox version 60 or later. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5154 BugTraq ID: 104136 http://www.securityfocus.com/bid/104136 Debian Security Information: DSA-4199 (Google Search) https://www.debian.org/security/2018/dsa-4199 Debian Security Information: DSA-4209 (Google Search) https://www.debian.org/security/2018/dsa-4209 https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/201811-13 https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html RedHat Security Advisories: RHSA-2018:1414 https://access.redhat.com/errata/RHSA-2018:1414 RedHat Security Advisories: RHSA-2018:1415 https://access.redhat.com/errata/RHSA-2018:1415 RedHat Security Advisories: RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1725 RedHat Security Advisories: RHSA-2018:1726 https://access.redhat.com/errata/RHSA-2018:1726 http://www.securitytracker.com/id/1040896 https://usn.ubuntu.com/3645-1/ https://usn.ubuntu.com/3660-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5155 Common Vulnerability Exposure (CVE) ID: CVE-2018-5157 Common Vulnerability Exposure (CVE) ID: CVE-2018-5158 Common Vulnerability Exposure (CVE) ID: CVE-2018-5159 https://www.exploit-db.com/exploits/44759/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5160 BugTraq ID: 104139 http://www.securityfocus.com/bid/104139 Common Vulnerability Exposure (CVE) ID: CVE-2018-5152 Common Vulnerability Exposure (CVE) ID: CVE-2018-5153 Common Vulnerability Exposure (CVE) ID: CVE-2018-5163 Common Vulnerability Exposure (CVE) ID: CVE-2018-5164 Common Vulnerability Exposure (CVE) ID: CVE-2018-5166 Common Vulnerability Exposure (CVE) ID: CVE-2018-5167 Common Vulnerability Exposure (CVE) ID: CVE-2018-5168 Common Vulnerability Exposure (CVE) ID: CVE-2018-5169 Common Vulnerability Exposure (CVE) ID: CVE-2018-5172 Common Vulnerability Exposure (CVE) ID: CVE-2018-5173 Common Vulnerability Exposure (CVE) ID: CVE-2018-5174 Common Vulnerability Exposure (CVE) ID: CVE-2018-5175 Common Vulnerability Exposure (CVE) ID: CVE-2018-5176 Common Vulnerability Exposure (CVE) ID: CVE-2018-5177 Common Vulnerability Exposure (CVE) ID: CVE-2018-5180 Common Vulnerability Exposure (CVE) ID: CVE-2018-5181 Common Vulnerability Exposure (CVE) ID: CVE-2018-5182 Common Vulnerability Exposure (CVE) ID: CVE-2018-5151 Common Vulnerability Exposure (CVE) ID: CVE-2018-5150 https://usn.ubuntu.com/3688-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.