PT-2019-4541 · Mozilla+2 · Firefox+2

Hanno Böck

+1

·

Publicado

2019-03-19

·

Atualizado

2024-12-12

·

CVE-2019-9809

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 66
Description The issue is related to the management of resources when the source for resources on a page is through an FTP connection. It is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations, leading to a denial of service attack. These messages cannot be immediately dismissed.
Recommendations For versions prior to 66, update to version 66 or later to resolve the issue. As a temporary workaround, consider avoiding the use of FTP connections for resource sourcing until the update is applied. Restrict access to FTP resources to minimize the risk of exploitation.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2019-1561
ALT-PU-2019-2324
ALT-PU-2019-2486
BDU:2020-00587
CVE-2019-9809
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:14572-1
USN-3918-1
USN-3918-2
USN-3918-3
USN-3918-4

Produtos afetados

Alt Linux
Firefox
Ubuntu