CVE-2019-9811

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS v3 8.3 HIGH
CVSS v2.0 5.1 MEDIUM

8.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

5.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1538007	Issue Tracking Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1539598	Exploit Issue Tracking Patch Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1563327	Exploit Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2019/08/msg00001.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201908-12	Third Party Advisory
https://security.gentoo.org/glsa/201908-20	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2019-21/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-22/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-23/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
	cpe:2.3:o:opensuse:leap:15.0:::::::*
	cpe:2.3:o:opensuse:leap:15.1:::::::*

History

28 Feb 2023, 14:40

Type	Values Removed	Values Added
First Time		Debian Opensuse leap Novell suse Package Hub For Suse Linux Enterprise Novell Debian debian Linux Opensuse
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html - Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html - Mailing List, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html - Third Party Advisory
References	~~(GENTOO) https://security.gentoo.org/glsa/201908-12 -~~	(GENTOO) https://security.gentoo.org/glsa/201908-12 - Third Party Advisory
References	~~(MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1538007 - Permissions Required~~	(MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1538007 - Issue Tracking, Permissions Required
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00001.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2019/08/msg00001.html - Mailing List, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html - Third Party Advisory
References	~~(GENTOO) https://security.gentoo.org/glsa/201908-20 -~~	(GENTOO) https://security.gentoo.org/glsa/201908-20 - Third Party Advisory
References	~~(MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1563327 - Permissions Required~~	(MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1563327 - Exploit, Issue Tracking, Vendor Advisory
CPE		cpe:2.3:o:opensuse:leap:15.0:::::::* cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:opensuse:leap:15.1:::::::* cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

Information

Published : 2019-07-23 14:15

Updated : 2023-12-10 12:59

NVD link : CVE-2019-9811

Mitre link : CVE-2019-9811

CVE.ORG link : CVE-2019-9811

JSON object : View

Products Affected

mozilla

firefox
firefox_esr
thunderbird

novell

suse_package_hub_for_suse_linux_enterprise

debian

debian_linux

opensuse

leap

CWE

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

8.3 /10