Test Kennung:	1.3.6.1.4.1.25623.1.0.815004
Kategorie:	General
Titel:	Mozilla Firefox ESR Security Update (mfsa_2019-06_2019-08) - Windows
Zusammenfassung:	Mozilla Firefox ESR is prone to multiple vulnerabilities.
Beschreibung:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An Use-after-free error when removing in-use DOM elements. - Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey. - An error in IonMonkey just-in-time (JIT) compiler. - An improper bounds checks when Spectre mitigations are disabled. - Command line arguments not discarded during execution. - A type-confusion error in IonMonkey JIT compiler. - An use-after-free error with SMIL animation controller. - Windows programs that are not 'URL Handlers' are exposed to web content. - Memory safety bugs. Vulnerability Impact: Successful exploitation allows attackers to run arbitrary code, crash the system and bypass security restrictions. Affected Software/OS: Mozilla Firefox ESR version before 60.6 on Windows. Solution: Update to Mozilla Firefox ESR version 60.6 or later. Please see the references for more information. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9790 https://bugzilla.mozilla.org/show_bug.cgi?id=1525145 https://www.mozilla.org/security/advisories/mfsa2019-07/ https://www.mozilla.org/security/advisories/mfsa2019-08/ https://www.mozilla.org/security/advisories/mfsa2019-11/ RedHat Security Advisories: RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:0966 RedHat Security Advisories: RHSA-2019:1144 https://access.redhat.com/errata/RHSA-2019:1144 Common Vulnerability Exposure (CVE) ID: CVE-2019-9791 https://bugzilla.mozilla.org/show_bug.cgi?id=1530958 Common Vulnerability Exposure (CVE) ID: CVE-2019-9792 http://packetstormsecurity.com/files/153106/Spidermonkey-IonMonkey-JS_OPTIMIZED_OUT-Value-Leak.html https://bugzilla.mozilla.org/show_bug.cgi?id=1532599 Common Vulnerability Exposure (CVE) ID: CVE-2019-9793 https://bugzilla.mozilla.org/show_bug.cgi?id=1528829 Common Vulnerability Exposure (CVE) ID: CVE-2019-9794 https://bugzilla.mozilla.org/show_bug.cgi?id=1530103 Common Vulnerability Exposure (CVE) ID: CVE-2019-9795 https://bugzilla.mozilla.org/show_bug.cgi?id=1514682 Common Vulnerability Exposure (CVE) ID: CVE-2019-9796 https://bugzilla.mozilla.org/show_bug.cgi?id=1531277 Common Vulnerability Exposure (CVE) ID: CVE-2019-9801 https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 Common Vulnerability Exposure (CVE) ID: CVE-2018-1850 http://www.securitytracker.com/id/1042036 XForce ISS Database: ibm-sam-cve20181850-auth-bypass(150998) https://exchange.xforce.ibmcloud.com/vulnerabilities/150998 Common Vulnerability Exposure (CVE) ID: CVE-2019-9788 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1518001%2C1521304%2C1521214%2C1506665%2C1516834%2C1518774%2C1524755%2C1523362%2C1524214%2C1529203
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.