Kaspersky LabKLA10759KLA10759 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.03 Low
EPSS
Percentile
90.9%
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information.
Below is a complete list of vulnerabilities
- Lack of requests interception restrictions at NPAPI plugins can be exploited remotely via network traffic manipulations to bypass security restrictions; (Firefox only)
- Obsolete version of Graphite 2 library can be exploited remotely via a specially designed βsmart fontβ to cause denial of service, execute arbitrary code or obtain sensitive information.
Technical details
Vulnerability (1) caused by service workers which intercepts responses to plugin network requests made through browser.
Vulnerability (2) related to multiple Libgraphit vulnerabilities listed below:
- TtfUtil:LocaLookup function in TtfUtil.cpp incorrectly validates size value and can be exploited remotely to cause denial of service;
- SillMap::readFace function in FeatureMap.cpp mishandles return value and can be exploited remotely to cause denial of service;
- Code.cpp does not consider recursive calls and can be exploited remotely to cause denial of service or execute arbitrary code;
- directrun function in directmachine.cpp does not validate certain skip operations and can be exploited remotely to cause denial of service, execute arbitrary code or obtain sensitive information.
Obsolete version of Graphite was updated at Firefox ESR 38.6.1 and Firefox 43.0.
Original advisories
Related products
CVE list
CVE-2016-1523 warning
CVE-2016-1522 critical
CVE-2016-1521 high
CVE-2016-1949 high
CVE-2016-1526 high
Solution
Update to the latest versionGet Firefox
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
- SUI
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
Affected Products
- Mozilla Firefox versions earlier than 44.0.2Mozilla Firefox ESR versions ealrier than 38.6.1
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.03 Low
EPSS
Percentile
90.9%