Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:0966 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:1144 | Third Party Advisory |
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1518001%2C1521304%2C1521214%2C1506665%2C1516834%2C1518774%2C1524755%2C1523362%2C1524214%2C1529203 | Issue Tracking Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2019-07/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2019-08/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2019-11/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
30 Mar 2022, 18:47
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* |
|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:0966 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1144 - Third Party Advisory | |
References | (MISC) https://bugzilla.mozilla.org/buglist.cgi?bug_id=1518001%2C1521304%2C1521214%2C1506665%2C1516834%2C1518774%2C1524755%2C1523362%2C1524214%2C1529203 - Issue Tracking, Vendor Advisory | |
First Time |
Redhat enterprise Linux Eus
Redhat enterprise Linux Server Tus Redhat enterprise Linux Server Aus Redhat enterprise Linux Redhat |
|
CWE | CWE-787 |
Information
Published : 2019-04-26 17:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-9788
Mitre link : CVE-2019-9788
CVE.ORG link : CVE-2019-9788
JSON object : View
Products Affected
mozilla
- thunderbird
- firefox
- firefox_esr
redhat
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_eus
CWE
CWE-787
Out-of-bounds Write