Mozilla Firefox ESR Security Updates(mfsa_2019-25_2019-27_01)-Mac OS X

Technical Details

Severity Level:

High Severity

CVSS Score:

10.0

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary:
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to, - Multiple use-after-free errors. - A same-origin policy violation. - Sandbox escape through Firefox Sync. - Navigation events were not fully adhering to the W3C's 'Navigation-Timing Level 2' draft specification in some instances for the unload event. - Some HTML elements, such as and <textarea>, can contain literal angle brackets without treating them as markup. - Memory safety bugs.</p> <p><b>Impact:</b> <br />Successful exploitation allow attackers to cause denial of service, escalate privileges, conduct cross site scripting attacks and disclose sensitive information.</p> <p><b>Affected Versions:</b> <br />Mozilla Firefox ESR version before 60.9 on Mac OS X.</p> <p><b>Recommendations:</b> <br />Upgrade to Mozilla Firefox ESR version 60.9 or later. Please see the references for more information.</p> <p><b>Solution Type:</b> <br />Vendor Patch</p> <p><b>Detection Type:</b> <br />Executable</p> <strong>Family:</strong> <p>General</p> <strong>Creation Time:</strong> <p>2019-09-05 08:07:19</p> <strong>Modification Time:</strong> <p>2019-09-05 09:53:24</p> <strong>Find and Fix this Vulnerability:</strong> <br /> <p>Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: <a href="https://www.mageni.net/register" alt="Download it now">Download Mageni's Free Edition</a></p> <strong>NVD CVE ID:</strong> <br /> CVE-2019-11746<br /> CVE-2019-11744<br /> CVE-2019-11742<br /> CVE-2019-11740<br /> CVE-2019-11752<br /> CVE-2019-9812<br /> CVE-2019-11743<br /> </div> <div class="col-md-3"> <div class="panel panel-default"> <div class="panel-heading clearfix"> <h3 class="panel-title"><i class="fas fa-search"></i> Keyword Search</h3> </div> <div class="panel-body"> <form role="search" method="get" action="/search"> <div class="form-group"> <input type="text" class="form-control" id="search" aria-describedby="search" name="search" placeholder="Search" required> <small id="searchHelp" class="form-text text-muted">Search CVEs, Products and Vendors.</small> </div> <button type="submit" class="btn btn-primary btn-sm">Submit</button> </form> </div> </div> <div class="panel panel-default"> <div class="panel-heading clearfix"> <h3 class="panel-title"><i class="fas fa-database"></i> Plugin Statistics</h3> </div> <div class="panel-body"> Total Plugins: 68,486 </div> </div> <div class="panel panel-default"> <div class="panel-heading clearfix"> <h3 class="panel-title"><i class="fas fa-shield-alt"></i> Latest Vulnerabilities</h3> </div> <div class="panel-body pre-scrollable" style="height: 400px;"> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876992" alt="Fedora Update for community-mysql FEDORA-2019-c1fab3f139"><i class="fas fa-shield-alt"></i> Fedora Update for community-mysql FEDORA-2019-c1fab3f139</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876990" alt="Fedora Update for java-latest-openjdk FEDORA-2019-119312dbfc"><i class="fas fa-shield-alt"></i> Fedora Update for java-latest-openjdk FEDORA-2019-119312dbfc</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876991" alt="Fedora Update for golang FEDORA-2019-34e097c66c"><i class="fas fa-shield-alt"></i> Fedora Update for golang FEDORA-2019-34e097c66c</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876989" alt="Fedora Update for community-mysql FEDORA-2019-48a0a07033"><i class="fas fa-shield-alt"></i> Fedora Update for community-mysql FEDORA-2019-48a0a07033</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876988" alt="Fedora Update for aspell FEDORA-2019-73919e71f8"><i class="fas fa-shield-alt"></i> Fedora Update for aspell FEDORA-2019-73919e71f8</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876987" alt="Fedora Update for crun FEDORA-2019-80a2646798"><i class="fas fa-shield-alt"></i> Fedora Update for crun FEDORA-2019-80a2646798</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.876986" alt="Fedora Update for mupdf FEDORA-2019-10f02ad597"><i class="fas fa-shield-alt"></i> Fedora Update for mupdf FEDORA-2019-10f02ad597</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.143112" alt="Smartweares HOME easy Information Disclosure Vulnerability"><i class="fas fa-shield-alt"></i> Smartweares HOME easy Information Disclosure Vulnerability</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.143111" alt="Smartweares HOME easy Authentication Bypass Vulnerability"><i class="fas fa-shield-alt"></i> Smartweares HOME easy Authentication Bypass Vulnerability</a> <br /> </p> <p> <a href="https://www.mageni.net/1.3.6.1.4.1.25623.1.0.143110" alt="Smartwares HOME easy Detection"><i class="fas fa-shield-alt"></i> Smartwares HOME easy Detection</a> <br /> </p> </div> </div> </div> </div> </div> </div> <!-- Service Box End --> <!-- Call t- action /get started --> <div class="cps-cta cps-gray-bg"> <div class="container"> <div class="row"> <div class="col-md-8 col-xs-12 sm-text-center"> <h3 class="cps-cta-title">Don't pay for a vulnerability scanning and management platform. This one is free.</h3> <p class="cps-cta-text"> Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage your vulnerabilities. </p> </div> <div class="col-md-4 col-xs-12 text-right sm-text-center"> <a class="btn cps-cta-btn btn-primary" href="/register"><i class="fas fa-download"></i>  Download it now</a> </div> </div> </div> </div> <!-- Call t- action /get started end --> </div> <footer class="style-5"> <div class="cps-footer-upper"> <div class="container"> <div class="cps-footer-widget-area"> <div class="row"> <div class="col-md-4 col-sm-6 col-xs-12"> <div class="cps-widget about-widget"> <a class="cps-footer-logo" href="/"> <img src="images/website-letter.svg" style="height: 40px; width: 240px; border: 0; margin: 2px 0; max-width: 100%;" alt="Mageni Logo"> </a> <p> Mageni means "My Defender". Mageni provides a Free Vulnerability Scanning and Management Platform which helps you need to find, prioritize, remediate and manage the vulnerabilities. </p> <div class="cps-socials"> <a href="https://www.facebook.com/magenillc" target="_blank"><i class="fab fa-facebook-f"></i></a> <a href="https://twitter.com/magenisecurity" target="_blank"><i class="fab fa-twitter"></i></a> <a href="https://www.linkedin.com/company/mageni-security" target="_blank"><i class="fab fa-linkedin"></i></a> </div> </div> </div> <div class="col-md-3 col-sm-6 col-xs-12"> <div class="cps-widget custom-menu-widget"> <h4 class="cps-widget-title">Links</h4> <ul class="widget-menu"> <li><a href="https://documentation.mageni.net/" target="_blank">Documentation</a></li> <li><a href="https://opensource.mageni.net/" target="_blank">Open Source</a></li> </ul> </div> </div> <div class="col-md-3 col-sm-6 col-xs-12"> <div class="cps-widget custom-menu-widget"> <h4 class="cps-widget-title">Legal</h4> <ul class="widget-menu"> <li><a href="/eu-privacy">EU Privacy</a></li> <li><a href="/privacy">Privacy</a></li> <li><a href="/legal">Legal</a></li> <li><a href="/terms">Terms</a></li> <li><a href="/contact">Contact</a></li> </ul> </div> </div> <div class="col-md-2 col-sm-6 col-xs-12"> <div class="cps-widget custom-menu-widget"> <h4 class="cps-widget-title">Product</h4> <ul class="widget-menu"> <li><a href="/register">Download</a></li> <li><a href="/features">Features</a></li> <li><a href="/pricing">Product</a></li> <li><a href="/services">Services</a></li> <li><a href="http://www.mageni.net/vulndb">Plugins</a></li> <li><a href="http://www.mageni.net/categories">Categories</a></li> <li><a href="http://www.mageni.net/kb">CVEs</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="cps-footer-lower"> <div class="container"> <div class="row"> <div class="col-sm-6 col-xs-12 xs-text-center"> <p class="copyright">Mageni Security, LLC. All Rights Reserved.</p> </div> <div class="col-sm-6 col-xs-12 text-right xs-text-center"> <ul class="footer-menu"> <li><a href="/contact">Contact</a></li> </ul> </div> </div> </div> </div> </footer> <!-- Script --> <script src="https://www.mageni.net/assets/js/jquery.min.js"></script> <script src="https://www.mageni.net/assets/js/jquery-migrate-3.0.1.min.js"></script> <script src="https://www.mageni.net/assets/js/bootstrap.min.js"></script> <script src="https://www.mageni.net/assets/js/owl.carousel.js"></script> <script src="https://www.mageni.net/assets/js/visible.js"></script> <script src="https://www.mageni.net/assets/js/jquery.stellar.min.js"></script> <script src="https://www.mageni.net/assets/js/jquery.countTo.js"></script> <script src="https://www.mageni.net/assets/js/imagesloaded.pkgd.min.js"></script> <script src="https://www.mageni.net/assets/js/isotope.pkgd.min.js"></script> <script src="https://www.mageni.net/assets/js/jquery.magnific-popup.min.js"></script> <script src="https://www.mageni.net/assets/js/jquery.ajaxchimp.min.js"></script> <script src="https://www.mageni.net/assets/js/plyr.js"></script> <script src="https://www.mageni.net/assets/js/swiper.min.js"></script> <script src="https://www.mageni.net/assets/js/slick.min.js"></script> <script src="https://www.mageni.net/js/custom.js"></script> </body> </html>