CVE-2019-9813
Summary
| CVE | CVE-2019-9813 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2019-04-26 17:29:00 UTC |
|---|
| Updated | 2020-08-24 17:37:00 UTC |
|---|
| Description | Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Security vulnerabilities fixed in Thunderbird 60.6.1 — Mozilla |
MISC |
www.mozilla.org |
Vendor Advisory |
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| Security vulnerabilities fixed in Firefox 66.0.1 — Mozilla |
MISC |
www.mozilla.org |
Vendor Advisory |
| Security vulnerabilities fixed in Firefox 60.6.1 — Mozilla |
MISC |
www.mozilla.org |
Vendor Advisory |
| Red Hat Customer Portal |
REDHAT |
access.redhat.com |
|
| Access Denied |
MISC |
bugzilla.mozilla.org |
Issue Tracking, Permissions Required, Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 500915 Alpine Linux Security Update for firefox-esr
- 504780 Alpine Linux Security Update for firefox-esr
- 671519 EulerOS Security Update for mozjs60 (EulerOS-SA-2022-1431)
- 671545 EulerOS Security Update for mozjs60 (EulerOS-SA-2022-1452)
- 710177 Gentoo Linux Mozilla Thunderbird and Firefox Multiple vulnerabilities (GLSA 201904-07)
