ID de Prueba:	1.3.6.1.4.1.25623.1.0.813620
Categoría:	General
Título:	Mozilla Firefox Security Update (mfsa_2018-15_2018-17) - Mac OS X
Resumen:	Mozilla Firefox is prone to multiple vulnerabilities.
Descripción:	Summary: Mozilla Firefox is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Buffer overflow error using computed size of canvas element. - Multiple use-after-free errors. - Multiple integer overflow errors. - Same-origin bypass error using service worker and redirection. - Compromised IPC child process can list local filenames. - Media recorder segmentation fault error when track type is changed during capture. - Invalid data handling during QCMS transformations. - Timing attack mitigation of PerformanceNavigationTiming. - WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. - In Reader View SameSite cookie protections are not checked on exiting. - Memory safety bugs. Vulnerability Impact: Successful exploitation will allow remote attackers to run arbitrary code, bypass CSRF protections, disclose sensitive information and cause denial of service condition. Affected Software/OS: Mozilla Firefox versions before 61. Solution: Update to version 61 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5156 BugTraq ID: 104560 http://www.securityfocus.com/bid/104560 Debian Security Information: DSA-4235 (Google Search) https://www.debian.org/security/2018/dsa-4235 Debian Security Information: DSA-4295 (Google Search) https://www.debian.org/security/2018/dsa-4295 https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/201811-13 https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html RedHat Security Advisories: RHSA-2018:2112 https://access.redhat.com/errata/RHSA-2018:2112 RedHat Security Advisories: RHSA-2018:2113 https://access.redhat.com/errata/RHSA-2018:2113 http://www.securitytracker.com/id/1041193 https://usn.ubuntu.com/3705-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5186 BugTraq ID: 104557 http://www.securityfocus.com/bid/104557 Common Vulnerability Exposure (CVE) ID: CVE-2018-5187 BugTraq ID: 104556 http://www.securityfocus.com/bid/104556 Common Vulnerability Exposure (CVE) ID: CVE-2018-5188 BugTraq ID: 104555 http://www.securityfocus.com/bid/104555 Debian Security Information: DSA-4244 (Google Search) https://www.debian.org/security/2018/dsa-4244 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html RedHat Security Advisories: RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2251 RedHat Security Advisories: RHSA-2018:2252 https://access.redhat.com/errata/RHSA-2018:2252 https://usn.ubuntu.com/3714-1/ https://usn.ubuntu.com/3749-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.