Lucene search
MozillaCVELIST:CVE-2019-17009HistoryJan 08, 2020 - 9:22 p.m.
CVE-2019-17009
2020-01-0821:22:53
mozilla
www.cve.org
2
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CNA Affected
[
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"status": "affected",
"version": "before 68.3"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"status": "affected",
"version": "before 68.3"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"status": "affected",
"version": "before 71"
}
]
}
]References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html
lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html
bugzilla.mozilla.org/show_bug.cgi?id=1510494
www.mozilla.org/security/advisories/mfsa2019-36/
www.mozilla.org/security/advisories/mfsa2019-37/
www.mozilla.org/security/advisories/mfsa2019-38/
Related
alpinelinux
alpinelinux
CVE-2019-17009
2020-01-08 22:15:11
prion
prion
Sql injection
2020-01-08 22:15:00
ubuntucve
ubuntucve
CVE-2019-17009
2020-01-08 00:00:00
redhatcve
redhatcve
CVE-2019-17009
2019-12-04 00:48:05
cve
cve
CVE-2019-17009
2020-01-08 22:15:11
CVE-2018-12380
2020-01-09 18:15:09
nvd
nvd
CVE-2019-17009
2020-01-08 22:15:11
CVE-2018-12380
2020-01-09 18:15:09
debiancve
debiancve
CVE-2019-17009
2020-01-08 22:15:11
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0377)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2019-0376)
2022-01-28 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2019-38) - Windows
2019-12-06 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2019-12-08 21:12:18
Updated thunderbird packages fix security vulnerabilities
2019-12-08 21:12:18
nessus
nessus
Mozilla Firefox ESR 68.x < 68.3 Multiple vulnerabilities
2019-12-06 00:00:00
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:3337-1)
2019-12-19 00:00:00
Mozilla Thunderbird < 68.3
2019-12-12 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2019-12-03 19:30:37
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.3.0-alt1
2019-12-05 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.3.1-alt1
2019-12-23 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in - Thunderbird 68.3 — Mozilla
2019-12-03 00:00:00
Security Vulnerabilities fixed in - Firefox ESR 68.3 — Mozilla
2019-12-03 00:00:00
Security Vulnerabilities fixed in - Firefox 71 — Mozilla
2019-12-03 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2020-01-09 00:00:00
Security update for MozillaThunderbird (important)
2020-01-09 00:00:00
kaspersky
kaspersky
KLA11613 Multiple vulnerabilities in Mozilla Thunderbird
2019-11-09 00:00:00
KLA11612 Multiple vulnerabilities in Mozilla Firefox ESR
2019-12-03 00:00:00
KLA11611 Multiple vulnerabilities in Mozilla Firefox
2019-12-03 00:00:00
archlinux
archlinux
[ASA-201912-1] firefox: multiple issues
2019-12-03 00:00:00