PT-2019-4076 · Mozilla+5 · Firefox Esr+7

Nils

·

Publicado

2019-05-21

·

Atualizado

2024-12-12

·

CVE-2019-9819

CVSS v2.0

10

Crítica

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 67 Firefox ESR versions prior to 60.7 Thunderbird versions prior to 60.7
Description The issue is related to a JavaScript compartment mismatch that can occur while working with the fetch API, potentially leading to a crash. This can be exploited by a remote attacker to cause a denial of service.
Recommendations For Firefox versions prior to 67, update to version 67 or later to resolve the issue. For Firefox ESR versions prior to 60.7, update to version 60.7 or later to resolve the issue. For Thunderbird versions prior to 60.7, update to version 60.7 or later to resolve the issue.

Exploit

Correção

RCE

Type Confusion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-843

Identificadores relacionados

ALT-PU-2019-1876
ALT-PU-2019-1879
ALT-PU-2019-1941
ALT-PU-2019-2324
ALT-PU-2019-2479
ALT-PU-2019-2486
BDU:2019-04639
CESA-2019_1265
CESA-2019_1267
CESA-2019_1269
CESA-2019_1308
CESA-2019_1309
CESA-2019_1310
CVE-2019-9819
DLA-1800-1
DLA-1806-1
DSA-4448-1
DSA-4451-1
MGASA-2019-0190
MGASA-2019-0191
OPENSUSE-SU-2019:1534-1
OPENSUSE-SU-2019:1664-1
OPENSUSE-SU-2019_1484-1
OPENSUSE-SU-2019_1534-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:1265
RHSA-2019:1267
RHSA-2019:1269
RHSA-2019:1308
RHSA-2019:1309
RHSA-2019:1310
RHSA-2019_1265
RHSA-2019_1267
RHSA-2019_1269
RHSA-2019_1308
RHSA-2019_1309
RHSA-2019_1310
SUSE-SU-2019:1388-1
SUSE-SU-2019:1405-1
SUSE-SU-2019:1458-1
SUSE-SU-2019_1405-1
USN-3991-1
USN-3991-2
USN-3991-3
USN-3997-1

Produtos afetados

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu