Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox ESR Security Updates(mfsa_2019-21_2019-22)-Windows
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws exist due to, - Sandbox escape via installation of malicious language pack. - Script injection within domain through inner window reuse. - POST requests made by NPAPI plugins can lead to Cross-Site Request Forgery (CSRF) attacks. - A use-after-free issue in HTTP/2 cached stream. - Empty or malformed p256-ECDH public keys may trigger a segmentation fault. - Improper esacping of Caret character in origins. - An out-of-bounds read issue when importing curve25519 private key. - Same-origin policy treats all files in a directory as having the same-origin.
Affected Software
Affected Software
Mozilla Firefox ESR version before 60.8 on Windows.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Mozilla Firefox ESR version 60.8 or later. Please see the references for more information.