Skip Ribbon Commands
Skip to main content
Mauritian National Computer Security Incident Response Team (CERT-MU)

VN-2018-35


Mozilla Firefox Multiple Bugs Let Remote Users Spoof Filenames, Bypass Security Restrictions, Obtain Potentially Sensitive Information, and Execute Arbitrary Code
Severity Rating: Medium
Description
Multiple vulnerabilities were reported in Mozilla Firefox. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass security controls on the target system. A remote user can obtain potentially sensitive information on the target system. A remote user can spoof filenames.
A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Impact
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof filenames.
Solution
The vendor has issued a fix (60.0).
Users are advised to apply updates.
More information is available on:
Vendor Information
Mozilla
 
References
Security Tracker
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis