PT-2019-2184 · Mozilla+5 · Firefox Esr+7

Alex Gaynor

+8

·

Published

2019-03-19

·

Updated

2024-12-12

·

CVE-2019-9788

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 66 Firefox ESR versions prior to 60.6 Thunderbird versions prior to 60.6
Description The issue is related to memory safety bugs and buffer copying without checking the size of input data, which could potentially be exploited to run arbitrary code. This may lead to memory corruption.
Recommendations For Firefox versions prior to 66, update to version 66 or later. For Firefox ESR versions prior to 60.6, update to version 60.6 or later. For Thunderbird versions prior to 60.6, update to version 60.6 or later.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-120

Related Identifiers

ALT-PU-2019-1486
ALT-PU-2019-1497
ALT-PU-2019-1561
ALT-PU-2019-2324
ALT-PU-2019-2486
BDU:2019-01950
CESA-2019_0622
CESA-2019_0623
CESA-2019_0680
CESA-2019_0681
CESA-2019_0966
CESA-2019_1144
CVE-2019-9788
DLA-1722-1
DLA-1743-1
DSA-4411-1
DSA-4420-1
MGASA-2019-0116
MGASA-2019-0129
OPENSUSE-SU-2019:1077-1
OPENSUSE-SU-2019:1126-1
OPENSUSE-SU-2019:1162-1
OPENSUSE-SU-2019_1056-1
OPENSUSE-SU-2019_1077-1
OPENSUSE-SU-2019_1162-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:0622
RHSA-2019:0623
RHSA-2019:0680
RHSA-2019:0681
RHSA-2019:0966
RHSA-2019:1144
RHSA-2019_0622
RHSA-2019_0623
RHSA-2019_0680
RHSA-2019_0681
RHSA-2019_0966
RHSA-2019_1144
SUSE-SU-2019:0852-1
SUSE-SU-2019:0853-1
SUSE-SU-2019:0871-1
USN-3918-1
USN-3918-2
USN-3918-3
USN-3918-4
USN-3927-1

Affected Products

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu