PT-2019-4544 · Mozilla+2 · Firefox+2

Anca Soncutean

Published

2019-03-19

Updated

2024-12-12

CVE-2019-9806

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 66

Description A vulnerability exists during authorization prompting for FTP transactions where successive modal prompts are displayed and cannot be immediately dismissed, allowing for a denial of service attack. The issue is related to an error in the FTP protocol authorization, which can be exploited by a remote attacker to cause a denial of service.

Recommendations For versions prior to 66, update to version 66 or later to resolve the issue. As a temporary workaround, consider avoiding the use of FTP transactions in the affected browser versions until a patch is applied.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALT-PU-2019-1561

ALT-PU-2019-2324

ALT-PU-2019-2486

BDU:2020-00590

CVE-2019-9806

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-3918-1

USN-3918-2

USN-3918-3

USN-3918-4

Affected Products

Alt Linux

Firefox

Ubuntu

PT-2019-4544 · Mozilla+2 · Firefox+2

CVE-2019-9806

Weakness Enumeration

Related Identifiers

Affected Products

References · 1901