PT-2019-4869 · Mozilla+5 · Firefox+5
Bob Clary
+2
·
Publicado
2019-12-03
·
Atualizado
2024-12-12
·
CVE-2019-17024
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 72
Firefox ESR versions prior to 68.4
Description
The issue is related to a memory safety bug that can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. The bug is associated with a buffer copy error from memory without checking its size. Some of these bugs have shown evidence of memory corruption, and it is presumed that with sufficient effort, they could have been exploited to run arbitrary code.
Recommendations
For Firefox versions prior to 72, update to version 72 or later to resolve the issue.
For Firefox ESR versions prior to 68.4, update to version 68.4 or later to resolve the issue.
Exploit
Correção
Memory Corruption
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Firefox
Red Hat
Suse
Ubuntu