PT-2019-4544 · Mozilla+2 · Firefox+2

Anca Soncutean

Publicado

2019-03-19

Atualizado

2024-12-12

CVE-2019-9806

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 66

Description A vulnerability exists during authorization prompting for FTP transactions where successive modal prompts are displayed and cannot be immediately dismissed, allowing for a denial of service attack. The issue is related to an error in the FTP protocol authorization, which can be exploited by a remote attacker to cause a denial of service.

Recommendations For versions prior to 66, update to version 66 or later to resolve the issue. As a temporary workaround, consider avoiding the use of FTP transactions in the affected browser versions until a patch is applied.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2019-1561

ALT-PU-2019-2324

ALT-PU-2019-2486

BDU:2020-00590

CVE-2019-9806

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-3918-1

USN-3918-2

USN-3918-3

USN-3918-4

Produtos afetados

Alt Linux

Firefox

Ubuntu

PT-2019-4544 · Mozilla+2 · Firefox+2

CVE-2019-9806

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1901