High Threat Security Alert (A19-06-04): Vulnerability in Firefox


 

Published on: 19 June 2019

Share on Facebook    Share on X   

Description:

Mozilla has published a security advisory to address the vulnerability found in Firefox. A remote attacker could entice a user running a vulnerable browser to open a web page with specially crafted content to exploit the vulnerability.

Reports indicate that the vulnerability (CVE-2019-11707) is being exploited in the wild. You are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Firefox prior to version 67.0.3
  • Firefox ESR prior to version 60.7.1

 

Impact:

Successful exploitation of the vulnerability could lead to remote code execution and application crash on an affected system.

 

Recommendation:

Mozilla has released new versions of the product to address the issues and they can be downloaded at the following URLs:

  • Firefox 67.0.3 for Windows, Macintosh and Linux
    https://www.mozilla.org/en-US/firefox/all/

  • Firefox ESR 60.7.1 for Windows, Macintosh and Linux
    https://www.mozilla.org/en-US/firefox/organizations/all/

Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
https://www.hkcert.org/my_url/en/alert/19061901
https://www.us-cert.gov/ncas/current-activity/2019/06/18/Mozilla-Releases-Security-Updates-Firefox-and-Firefox-ESR
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707

 



Tag: Mozilla , Firefox
Tags