Mozilla Firefox Multiple Security Vulnerabilities

Risk

High

Date Discovered

October 22, 2019

Description

Mozilla Firefox is prone to the following security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. A security vulnerability Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. These issues are fixed in the following: Firefox 70

Technologies Affected

  • Mozilla Firefox 0.1
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.2
  • Mozilla Firefox 0.3
  • Mozilla Firefox 0.4
  • Mozilla Firefox 0.5
  • Mozilla Firefox 0.6
  • Mozilla Firefox 0.6.1
  • Mozilla Firefox 0.7
  • Mozilla Firefox 0.7.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox 1.0.4
  • Mozilla Firefox 1.0.5
  • Mozilla Firefox 1.0.6
  • Mozilla Firefox 1.0.7
  • Mozilla Firefox 1.0.8
  • Mozilla Firefox 1.4.1
  • Mozilla Firefox 1.5.0 12
  • Mozilla Firefox 1.5.0
  • Mozilla Firefox 1.5.0.1
  • Mozilla Firefox 1.5.0.10
  • Mozilla Firefox 1.5.0.11
  • Mozilla Firefox 1.5.0.2
  • Mozilla Firefox 1.5.0.3
  • Mozilla Firefox 1.5.0.4
  • Mozilla Firefox 1.5.0.5
  • Mozilla Firefox 1.5.0.6
  • Mozilla Firefox 1.5.0.7
  • Mozilla Firefox 1.5.0.8
  • Mozilla Firefox 1.5.0.9
  • Mozilla Firefox 1.5.1
  • Mozilla Firefox 1.5.2
  • Mozilla Firefox 1.5.3
  • Mozilla Firefox 1.5.4
  • Mozilla Firefox 1.5.5
  • Mozilla Firefox 1.5.6
  • Mozilla Firefox 1.5.7
  • Mozilla Firefox 1.5.8
  • Mozilla Firefox 1.8
  • Mozilla Firefox 10
  • Mozilla Firefox 10.0
  • Mozilla Firefox 10.0.1
  • Mozilla Firefox 10.0.10
  • Mozilla Firefox 10.0.11
  • Mozilla Firefox 10.0.12
  • Mozilla Firefox 10.0.2
  • Mozilla Firefox 10.0.3
  • Mozilla Firefox 10.0.4
  • Mozilla Firefox 10.0.5
  • Mozilla Firefox 10.0.6
  • Mozilla Firefox 10.0.7
  • Mozilla Firefox 10.0.8
  • Mozilla Firefox 10.0.9
  • Mozilla Firefox 11.0
  • Mozilla Firefox 12.0
  • Mozilla Firefox 12.0 Beta6
  • Mozilla Firefox 13.0
  • Mozilla Firefox 13.0.1
  • Mozilla Firefox 14
  • Mozilla Firefox 14.0
  • Mozilla Firefox 14.0.1
  • Mozilla Firefox 14.01
  • Mozilla Firefox 15
  • Mozilla Firefox 15.0
  • Mozilla Firefox 15.0.1
  • Mozilla Firefox 16
  • Mozilla Firefox 16.0
  • Mozilla Firefox 16.0.1
  • Mozilla Firefox 16.0.2
  • Mozilla Firefox 17.0
  • Mozilla Firefox 17.0.1
  • Mozilla Firefox 17.0.10
  • Mozilla Firefox 17.0.11
  • Mozilla Firefox 17.0.2
  • Mozilla Firefox 17.0.3
  • Mozilla Firefox 17.0.4
  • Mozilla Firefox 17.0.5
  • Mozilla Firefox 17.0.6
  • Mozilla Firefox 17.0.7
  • Mozilla Firefox 17.0.8
  • Mozilla Firefox 17.0.9
  • Mozilla Firefox 18.0
  • Mozilla Firefox 18.0.1
  • Mozilla Firefox 18.0.2
  • Mozilla Firefox 19.0
  • Mozilla Firefox 19.0.1
  • Mozilla Firefox 19.0.2
  • Mozilla Firefox 2.0 .1
  • Mozilla Firefox 2.0 .10
  • Mozilla Firefox 2.0 .4
  • Mozilla Firefox 2.0 .5
  • Mozilla Firefox 2.0 .6
  • Mozilla Firefox 2.0 .7
  • Mozilla Firefox 2.0 .9
  • Mozilla Firefox 2.0 8
  • Mozilla Firefox 2.0
  • Mozilla Firefox 2.0.0 .19
  • Mozilla Firefox 2.0.0 20
  • Mozilla Firefox 2.0.0.1
  • Mozilla Firefox 2.0.0.10
  • Mozilla Firefox 2.0.0.11
  • Mozilla Firefox 2.0.0.12
  • Mozilla Firefox 2.0.0.13
  • Mozilla Firefox 2.0.0.14
  • Mozilla Firefox 2.0.0.15
  • Mozilla Firefox 2.0.0.16
  • Mozilla Firefox 2.0.0.17
  • Mozilla Firefox 2.0.0.18
  • Mozilla Firefox 2.0.0.19
  • Mozilla Firefox 2.0.0.2
  • Mozilla Firefox 2.0.0.21
  • Mozilla Firefox 2.0.0.3
  • Mozilla Firefox 2.0.0.4
  • Mozilla Firefox 2.0.0.5
  • Mozilla Firefox 2.0.0.6
  • Mozilla Firefox 2.0.0.7
  • Mozilla Firefox 2.0.0.8
  • Mozilla Firefox 2.0.0.9
  • Mozilla Firefox 20.0
  • Mozilla Firefox 20.0.1
  • Mozilla Firefox 21.0
  • Mozilla Firefox 22.0
  • Mozilla Firefox 22.0.0.4917
  • Mozilla Firefox 23.0
  • Mozilla Firefox 23.0.1
  • Mozilla Firefox 24.0
  • Mozilla Firefox 24.1
  • Mozilla Firefox 24.1.1
  • Mozilla Firefox 25.0
  • Mozilla Firefox 25.0.1
  • Mozilla Firefox 26
  • Mozilla Firefox 26.0
  • Mozilla Firefox 27
  • Mozilla Firefox 27.0
  • Mozilla Firefox 27.0.1
  • Mozilla Firefox 28
  • Mozilla Firefox 28.0
  • Mozilla Firefox 28.0.1
  • Mozilla Firefox 29
  • Mozilla Firefox 29.0
  • Mozilla Firefox 29.0.1
  • Mozilla Firefox 3.0
  • Mozilla Firefox 3.0.1
  • Mozilla Firefox 3.0.10
  • Mozilla Firefox 3.0.11
  • Mozilla Firefox 3.0.12
  • Mozilla Firefox 3.0.13
  • Mozilla Firefox 3.0.14
  • Mozilla Firefox 3.0.15
  • Mozilla Firefox 3.0.16
  • Mozilla Firefox 3.0.17
  • Mozilla Firefox 3.0.18
  • Mozilla Firefox 3.0.19
  • Mozilla Firefox 3.0.2
  • Mozilla Firefox 3.0.3
  • Mozilla Firefox 3.0.4
  • Mozilla Firefox 3.0.5
  • Mozilla Firefox 3.0.6
  • Mozilla Firefox 3.0.7
  • Mozilla Firefox 3.0.7 Beta
  • Mozilla Firefox 3.0.8
  • Mozilla Firefox 3.0.9
  • Mozilla Firefox 3.0Beta5
  • Mozilla Firefox 3.1
  • Mozilla Firefox 3.1 Beta 1
  • Mozilla Firefox 3.1 Beta 2
  • Mozilla Firefox 3.1 Beta 3
  • Mozilla Firefox 3.5.0
  • Mozilla Firefox 3.5.1
  • Mozilla Firefox 3.5.10
  • Mozilla Firefox 3.5.11
  • Mozilla Firefox 3.5.12
  • Mozilla Firefox 3.5.13
  • Mozilla Firefox 3.5.14
  • Mozilla Firefox 3.5.15
  • Mozilla Firefox 3.5.16
  • Mozilla Firefox 3.5.17
  • Mozilla Firefox 3.5.18
  • Mozilla Firefox 3.5.19
  • Mozilla Firefox 3.5.2
  • Mozilla Firefox 3.5.3
  • Mozilla Firefox 3.5.4
  • Mozilla Firefox 3.5.5
  • Mozilla Firefox 3.5.6
  • Mozilla Firefox 3.5.7
  • Mozilla Firefox 3.5.8
  • Mozilla Firefox 3.5.9
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6 A1 Pre
  • Mozilla Firefox 3.6 Beta 2
  • Mozilla Firefox 3.6 Beta 3
  • Mozilla Firefox 3.6.1
  • Mozilla Firefox 3.6.10
  • Mozilla Firefox 3.6.11
  • Mozilla Firefox 3.6.12
  • Mozilla Firefox 3.6.13
  • Mozilla Firefox 3.6.14
  • Mozilla Firefox 3.6.15
  • Mozilla Firefox 3.6.16
  • Mozilla Firefox 3.6.17
  • Mozilla Firefox 3.6.18
  • Mozilla Firefox 3.6.19
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.20
  • Mozilla Firefox 3.6.21
  • Mozilla Firefox 3.6.22
  • Mozilla Firefox 3.6.23
  • Mozilla Firefox 3.6.24
  • Mozilla Firefox 3.6.25
  • Mozilla Firefox 3.6.26
  • Mozilla Firefox 3.6.27
  • Mozilla Firefox 3.6.28
  • Mozilla Firefox 3.6.3
  • Mozilla Firefox 3.6.4
  • Mozilla Firefox 3.6.5
  • Mozilla Firefox 3.6.7
  • Mozilla Firefox 3.6.8
  • Mozilla Firefox 3.7 A1 Pre
  • Mozilla Firefox 30
  • Mozilla Firefox 30.0
  • Mozilla Firefox 31
  • Mozilla Firefox 31.0
  • Mozilla Firefox 31.1
  • Mozilla Firefox 31.1.0
  • Mozilla Firefox 31.6
  • Mozilla Firefox 31.8
  • Mozilla Firefox 31.8.0
  • Mozilla Firefox 32
  • Mozilla Firefox 32.0
  • Mozilla Firefox 32.0.3
  • Mozilla Firefox 33
  • Mozilla Firefox 33.0
  • Mozilla Firefox 34
  • Mozilla Firefox 34.0.5
  • Mozilla Firefox 35
  • Mozilla Firefox 35.0.1
  • Mozilla Firefox 36
  • Mozilla Firefox 36.0.3
  • Mozilla Firefox 36.0.4
  • Mozilla Firefox 37
  • Mozilla Firefox 37.0.1
  • Mozilla Firefox 37.0.2
  • Mozilla Firefox 38
  • Mozilla Firefox 39
  • Mozilla Firefox 39.0.3
  • Mozilla Firefox 4.0
  • Mozilla Firefox 4.0.1
  • Mozilla Firefox 40
  • Mozilla Firefox 40.0.3
  • Mozilla Firefox 41
  • Mozilla Firefox 41.0.2
  • Mozilla Firefox 42
  • Mozilla Firefox 43
  • Mozilla Firefox 43.0.1
  • Mozilla Firefox 43.0.2
  • Mozilla Firefox 44
  • Mozilla Firefox 44.0.2
  • Mozilla Firefox 45
  • Mozilla Firefox 45.0.2
  • Mozilla Firefox 46
  • Mozilla Firefox 46.0.1
  • Mozilla Firefox 47
  • Mozilla Firefox 48
  • Mozilla Firefox 49
  • Mozilla Firefox 49.0.1
  • Mozilla Firefox 49.0.2
  • Mozilla Firefox 5.0
  • Mozilla Firefox 5.0.1
  • Mozilla Firefox 50
  • Mozilla Firefox 50.0.1
  • Mozilla Firefox 50.0.2
  • Mozilla Firefox 50.1
  • Mozilla Firefox 51
  • Mozilla Firefox 52
  • Mozilla Firefox 52.0.1
  • Mozilla Firefox 53
  • Mozilla Firefox 53.0.2
  • Mozilla Firefox 54
  • Mozilla Firefox 55
  • Mozilla Firefox 56
  • Mozilla Firefox 57
  • Mozilla Firefox 57.0.1
  • Mozilla Firefox 57.0.2
  • Mozilla Firefox 57.0.4
  • Mozilla Firefox 58
  • Mozilla Firefox 58.0.1
  • Mozilla Firefox 59
  • Mozilla Firefox 59.0.1
  • Mozilla Firefox 59.0.2
  • Mozilla Firefox 6
  • Mozilla Firefox 6.0
  • Mozilla Firefox 6.0.1
  • Mozilla Firefox 6.0.2
  • Mozilla Firefox 60
  • Mozilla Firefox 60.0.2
  • Mozilla Firefox 61
  • Mozilla Firefox 62
  • Mozilla Firefox 62.0.2
  • Mozilla Firefox 62.0.3
  • Mozilla Firefox 63
  • Mozilla Firefox 63.0.3
  • Mozilla Firefox 64
  • Mozilla Firefox 65
  • Mozilla Firefox 65.0.1
  • Mozilla Firefox 65.0.2
  • Mozilla Firefox 66
  • Mozilla Firefox 66.0.1
  • Mozilla Firefox 66.0.2
  • Mozilla Firefox 66.0.3
  • Mozilla Firefox 66.0.4
  • Mozilla Firefox 67
  • Mozilla Firefox 67.0.2
  • Mozilla Firefox 67.0.3
  • Mozilla Firefox 67.0.4
  • Mozilla Firefox 68
  • Mozilla Firefox 68.0.1
  • Mozilla Firefox 68.0.2
  • Mozilla Firefox 69
  • Mozilla Firefox 69.0.1
  • Mozilla Firefox 69.0.2
  • Mozilla Firefox 7
  • Mozilla Firefox 7.0
  • Mozilla Firefox 7.0.1
  • Mozilla Firefox 8.0
  • Mozilla Firefox 8.0.1
  • Mozilla Firefox 9.0
  • Mozilla Firefox 9.0.1

Recommendations

Run all software as a nonprivileged user with minimal access rights.
Ensure that all nonadministrative tasks, such as browsing the web and reading email, are performed as an unprivileged user with minimal access rights.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits

Do not follow links provided by unknown or untrusted sources.
To reduce the likelihood of successful exploits, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.

Implement multiple redundant layers of security.
Memory-protection schemes (such as non executable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.

Updates are available. Please see the references or vendor advisory for more information.

References

Credits

Paul Theriault, Yangzheng Li, Matheus Vrech, Kevin Brosnan


© 1995- Symantec Corporation

Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.

Disclaimer

The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Symantec, Symantec products, Symantec Security Response, and secure@symantec.com are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.