| Description: | Summary:
Mozilla Firefox is prone to multiple vulnerabilities.
Vulnerability Insight:
Multiple flaws exist due to:
- An integer overflow error in Skia.
- An use-after-free error when removing in-use DOM elements.
- Multiple type confusion errors through on-stack replacement with IonMonkey.
- An error in IonMonkey just-in-time (JIT) compiler.
- An improper bounds checks when Spectre mitigations are disabled.
- Command line arguments not discarded during Firefox invocation as a shell
handler for URLs.
- A type confusion error in IonMonkey JIT compiler.
- An use-after-free error with SMIL animation controller.
- Cross-origin theft of images with createImageBitmap.
- An insufficient bounds checking of data during inter-process communication.
- Windows programs that are not 'URL Handlers' are exposed to web content.
- A memory read error in Chrome process.
- Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation.
- Use of uninitialized memory in Prio library.
- A vulnerability exists during authorization prompting for FTP transaction.
- Text sent through FTP connection can be incorporated into alert messages.
- WebRTC permissions can display incorrect origin with data: and blob: URLs.
- An error in handling FTP modal alert error messages.
- Memory safety bugs.
Vulnerability Impact:
Successful exploitation allows attackers
to run arbitrary code, cause denial of service, disclose sensitive information
and bypass security restrictions.
Affected Software/OS:
Mozilla Firefox version before
66 on Windows.
Solution:
Update to Mozilla Firefox version 66
or later. Please see the references for more information.
CVSS Score:
7.5
CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
