PT-2019-3443 · Mozilla+5 · Firefox Esr+7

Linus Särud

·

Publicado

2019-07-10

·

Atualizado

2024-12-12

·

CVE-2019-11715

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Firefox ESR versions prior to 60.8 Firefox versions prior to 68 Thunderbird versions prior to 60.8
Description The issue is related to an error in parsing page content, which can cause properly sanitized user input to be misinterpreted. This can lead to XSS hazards on websites under certain circumstances. The vulnerability may allow a remote attacker to execute arbitrary code.
Recommendations For Firefox ESR versions prior to 60.8, update to version 60.8 or later. For Firefox versions prior to 68, update to version 68 or later. For Thunderbird versions prior to 60.8, update to version 60.8 or later.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

ALT-PU-2019-2231
ALT-PU-2019-2233
ALT-PU-2019-2249
ALT-PU-2019-2259
ALT-PU-2019-2301
ALT-PU-2019-2324
ALT-PU-2019-2479
ALT-PU-2019-2486
ALT-PU-2020-1166
ALT-PU-2020-1515
BDU:2019-03614
CESA-2019_1763
CESA-2019_1764
CESA-2019_1765
CESA-2019_1775
CESA-2019_1777
CESA-2019_1799
CVE-2019-11715
DLA-1869-1
DLA-1870-1
DSA-4479-1
DSA-4482-1
MGASA-2019-0211
MGASA-2019-0212
MGASA-2019-0213
MGASA-2019-0272
OPENSUSE-SU-2019:1782-1
OPENSUSE-SU-2019:1811-1
OPENSUSE-SU-2019:1813-1
OPENSUSE-SU-2019:1990-1
OPENSUSE-SU-2019:2248-1
OPENSUSE-SU-2019:2249-1
OPENSUSE-SU-2019_1782-1
OPENSUSE-SU-2019_1811-1
OPENSUSE-SU-2019_1813-1
OPENSUSE-SU-2019_2248-1
OPENSUSE-SU-2019_2249-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:1763
RHSA-2019:1764
RHSA-2019:1765
RHSA-2019:1775
RHSA-2019:1777
RHSA-2019:1799
RHSA-2019_1763
RHSA-2019_1764
RHSA-2019_1765
RHSA-2019_1775
RHSA-2019_1777
RHSA-2019_1799
SUSE-SU-2019:14124-1
SUSE-SU-2019:14246-1
SUSE-SU-2019:1861-1
SUSE-SU-2019:1861-2
SUSE-SU-2019:1861-3
SUSE-SU-2019:1869-1
SUSE-SU-2019:1960-1
SUSE-SU-2019:2515-1
SUSE-SU-2019:2620-1
SUSE-SU-2019_14124-1
SUSE-SU-2019_14246-1
USN-4054-1
USN-4054-2
USN-4064-1

Produtos afetados

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu