Test Kennung:	1.3.6.1.4.1.25623.1.0.812668
Kategorie:	General
Titel:	Mozilla Firefox Security Update (mfsa_2018-02_2018-03) - Windows
Zusammenfassung:	Mozilla Firefox is prone to multiple vulnerabilities.
Beschreibung:	Summary: Mozilla Firefox is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Multiple Use-after-free errors, buffer overflow errors, memory safety bugs and integer overflow errors. - WebExtensions can save and execute files on local file system without user prompts. - Developer Tools can expose style editor information cross-origin through service worker. - Printing process will follow symlinks for local file access. - Manually entered blob URL can be accessed by subsequent private browsing tabs. - Audio capture prompts and starts with incorrect origin attribution. - URL spoofing in addressbar through drag and drop. - Extension development tools panel can open a non-relative URL in the panel. - WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow. - The old value of a cookie changed to HttpOnly remains accessible to scripts. - Background network requests can open HTTP authentication in unrelated foreground tabs. - WebExtension ActiveTab permission allows cross-origin frame content access. - URL spoofing with right-to-left text aligned left-to-right. - Activity Stream images can attempt to load local content through file:. - Reader view will load cross-origin content in violation of CORS headers. Vulnerability Impact: Successful exploitation of these vulnerabilities will allow remote attackers to execute arbitrary code on affected system or conduct a denial-of-service condition, gain escalated privileges, gain access to sensitive data, conduct phishing attacks, make use of old cookie value, get cross-origin frame content access, conduct spoofing and domain name spoofing attacks. Affected Software/OS: Mozilla Firefox versions before 58. Solution: Update to version 58 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5091 BugTraq ID: 102783 http://www.securityfocus.com/bid/102783 Debian Security Information: DSA-4096 (Google Search) https://www.debian.org/security/2018/dsa-4096 Debian Security Information: DSA-4102 (Google Search) https://www.debian.org/security/2018/dsa-4102 https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html RedHat Security Advisories: RHSA-2018:0122 https://access.redhat.com/errata/RHSA-2018:0122 http://www.securitytracker.com/id/1040270 https://usn.ubuntu.com/3544-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5092 BugTraq ID: 102786 http://www.securityfocus.com/bid/102786 Common Vulnerability Exposure (CVE) ID: CVE-2018-5093 Common Vulnerability Exposure (CVE) ID: CVE-2018-5094 Common Vulnerability Exposure (CVE) ID: CVE-2018-5095 https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html RedHat Security Advisories: RHSA-2018:0262 https://access.redhat.com/errata/RHSA-2018:0262 Common Vulnerability Exposure (CVE) ID: CVE-2018-5097 Common Vulnerability Exposure (CVE) ID: CVE-2018-5098 Common Vulnerability Exposure (CVE) ID: CVE-2018-5099 Common Vulnerability Exposure (CVE) ID: CVE-2018-5100 Common Vulnerability Exposure (CVE) ID: CVE-2018-5101 Common Vulnerability Exposure (CVE) ID: CVE-2018-5102 Common Vulnerability Exposure (CVE) ID: CVE-2018-5103 Common Vulnerability Exposure (CVE) ID: CVE-2018-5104 Common Vulnerability Exposure (CVE) ID: CVE-2018-5105 Common Vulnerability Exposure (CVE) ID: CVE-2018-5106 Common Vulnerability Exposure (CVE) ID: CVE-2018-5107 Common Vulnerability Exposure (CVE) ID: CVE-2018-5108 Common Vulnerability Exposure (CVE) ID: CVE-2018-5109 Common Vulnerability Exposure (CVE) ID: CVE-2018-5089 https://usn.ubuntu.com/3688-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5111 Common Vulnerability Exposure (CVE) ID: CVE-2018-5112 Common Vulnerability Exposure (CVE) ID: CVE-2018-5113 Common Vulnerability Exposure (CVE) ID: CVE-2018-5114 Common Vulnerability Exposure (CVE) ID: CVE-2018-5115 Common Vulnerability Exposure (CVE) ID: CVE-2018-5116 Common Vulnerability Exposure (CVE) ID: CVE-2018-5117 Common Vulnerability Exposure (CVE) ID: CVE-2018-5118 Common Vulnerability Exposure (CVE) ID: CVE-2018-5119 Common Vulnerability Exposure (CVE) ID: CVE-2018-5122 Common Vulnerability Exposure (CVE) ID: CVE-2018-5090
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.