General : Mozilla Firefox ESR Security Updates(mfsa_2019-36

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.815729

Kategorie: General

Titel: Mozilla Firefox ESR Security Updates(mfsa_2019-36_2019-37)-MAC OS X

Zusammenfassung: Mozilla Firefox ESR is prone to multiple vulnerabilities.

Beschreibung: Summary:
Mozilla Firefox ESR is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- A use-after-free issue in worker destruction.

- A stack corruption issue due to incorrect number of arguments in WebRTC code.

- An out of bounds write issue in NSS when encrypting with a block cipher.

- Unprivileged processes can access updater temporary files.

- A use-after-free issue when performing device orientation checks.

- A buffer overflow issue in plain text serializer.

- A use-after-free issue when retrieving a document in antitracking.

- Memory safety bugs.

Vulnerability Impact:
Successful exploitation of this vulnerability
will allow remote attackers to execute arbitrary code, gain access to sensitive
information and conduct denial of service attacks.

Affected Software/OS:
Mozilla Firefox ESR version before
68.3 on MAC OS X.

Solution:
Upgrade to Mozilla Firefox ESR version 68.3
or later. Please see the references for more information.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-17008
Common Vulnerability Exposure (CVE) ID: CVE-2019-13722
Common Vulnerability Exposure (CVE) ID: CVE-2019-11745
Common Vulnerability Exposure (CVE) ID: CVE-2019-17009
Common Vulnerability Exposure (CVE) ID: CVE-2019-17010
Common Vulnerability Exposure (CVE) ID: CVE-2019-17005
Common Vulnerability Exposure (CVE) ID: CVE-2019-17011
Common Vulnerability Exposure (CVE) ID: CVE-2019-17012

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.815729
Kategorie:	General
Titel:	Mozilla Firefox ESR Security Updates(mfsa_2019-36_2019-37)-MAC OS X
Zusammenfassung:	Mozilla Firefox ESR is prone to multiple vulnerabilities.
Beschreibung:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - A use-after-free issue in worker destruction. - A stack corruption issue due to incorrect number of arguments in WebRTC code. - An out of bounds write issue in NSS when encrypting with a block cipher. - Unprivileged processes can access updater temporary files. - A use-after-free issue when performing device orientation checks. - A buffer overflow issue in plain text serializer. - A use-after-free issue when retrieving a document in antitracking. - Memory safety bugs. Vulnerability Impact: Successful exploitation of this vulnerability will allow remote attackers to execute arbitrary code, gain access to sensitive information and conduct denial of service attacks. Affected Software/OS: Mozilla Firefox ESR version before 68.3 on MAC OS X. Solution: Upgrade to Mozilla Firefox ESR version 68.3 or later. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-17008 Common Vulnerability Exposure (CVE) ID: CVE-2019-13722 Common Vulnerability Exposure (CVE) ID: CVE-2019-11745 Common Vulnerability Exposure (CVE) ID: CVE-2019-17009 Common Vulnerability Exposure (CVE) ID: CVE-2019-17010 Common Vulnerability Exposure (CVE) ID: CVE-2019-17005 Common Vulnerability Exposure (CVE) ID: CVE-2019-17011 Common Vulnerability Exposure (CVE) ID: CVE-2019-17012
Copyright	Copyright (C) 2019 Greenbone Networks GmbH