Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
08 Apr 2022, 14:34
Type | Values Removed | Values Added |
---|---|---|
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0295 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0111 - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4603 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0120 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html - Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507180%2C1595470%2C1598605%2C1601826 - Issue Tracking, Vendor Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2020/Jan/26 - Mailing List, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html - Exploit, Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0292 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4241-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4335-1/ - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202003-02 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0127 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0123 - Third Party Advisory | |
CWE | CWE-787 | |
First Time |
Redhat enterprise Linux
Opensuse Redhat enterprise Linux Eus Opensuse leap |
|
CPE | cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* |
Information
Published : 2020-01-08 22:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-17024
Mitre link : CVE-2019-17024
CVE.ORG link : CVE-2019-17024
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_server_tus
- enterprise_linux_eus
- enterprise_linux_workstation
mozilla
- firefox
- firefox_esr
opensuse
- leap
debian
- debian_linux
canonical
- ubuntu_linux
CWE
CWE-787
Out-of-bounds Write