CVE-2019-11764
Summary
| CVE | CVE-2019-11764 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2020-01-08 21:15:00 UTC |
|---|
| Updated | 2022-01-01 20:02:00 UTC |
|---|
| Description | Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Mozilla Thunderbird: Multiple vulnerabilities (GLSA 202003-10) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| Security vulnerabilities fixed in - Thunderbird 68.2 — Mozilla |
CONFIRM |
www.mozilla.org |
Vendor Advisory |
| Bug List |
MISC |
bugzilla.mozilla.org |
Exploit, Issue Tracking, Vendor Advisory |
| USN-4335-1: Thunderbird vulnerabilities | Ubuntu security notices |
UBUNTU |
usn.ubuntu.com |
|
| Security vulnerabilities fixed in - Firefox ESR 68.2 — Mozilla |
CONFIRM |
www.mozilla.org |
Vendor Advisory |
| Security vulnerabilities fixed in - Firefox 70 — Mozilla |
CONFIRM |
www.mozilla.org |
Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 296079 Oracle Solaris 11.4 Support Repository Update (SRU) 15.5.0 Missing (CPUOCT2019)
- 500923 Alpine Linux Security Update for firefox-esr
- 500944 Alpine Linux Security Update for firefox
- 503829 Alpine Linux Security Update for firefox
