A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CPENameOperatorVersion
firefoxlt67.0
firefox_esrlt60.7
thunderbirdlt60.7

Name	Operator	Version
firefox	lt	67.0
firefox_esr	lt	60.7
thunderbird	lt	60.7

References

bugzilla.mozilla.org/show_bug.cgi?id=1542465

www.mozilla.org/security/advisories/mfsa2019-13/

www.mozilla.org/security/advisories/mfsa2019-14/

www.mozilla.org/security/advisories/mfsa2019-15/

ubuntucve 1

alpinelinux 1

cvelist 1

debiancve 1

redhatcve 1

cve 1

veracode 1

nvd 1

ibm 3

nessus 53

oraclelinux 6

redhat 6

centos 4

amazon 1

openvas 26

debian 4

archlinux 2

osv 4

mageia 2

ubuntu 4

kaspersky 3

slackware 1

mozilla 3

altlinux 2

suse 3

freebsd 1

ubuntucve

CVE-2019-11691

2019-05-21 00:00:00

alpinelinux

CVE-2019-11691

2019-07-23 14:15:13

cvelist

CVE-2019-11691

2019-07-23 13:23:12

debiancve

CVE-2019-11691

2019-07-23 14:15:13

redhatcve

CVE-2019-11691

2020-04-02 13:54:38

cve

CVE-2019-11691

2019-07-23 14:15:13

veracode

Denial Of Service (DoS)

2019-05-27 00:39:13

nvd

CVE-2019-11691

2019-07-23 14:15:13

ibm

Security Bulletin: Synthetic Playback Agent 8.1.x is affected by multiple vulnerabilities

2019-08-08 09:37:13

Security Bulletin: Multiple Mozilla Firefox vulnerability in IBM SONAS

2019-07-08 08:00:01

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in busybox, arpwatch, apr, acpid, augeas, firefox, ctdb.

2021-12-15 07:41:22

nessus

Oracle Linux 6 : thunderbird (ELSA-2019-1310)

2019-06-04 00:00:00

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190604)

2019-06-05 00:00:00

RHEL 6 : thunderbird (RHSA-2019:1310)

2019-06-04 00:00:00

oraclelinux

thunderbird security update

2019-06-03 00:00:00

thunderbird security update

2019-07-30 00:00:00

thunderbird security update

2019-06-03 00:00:00

redhat

(RHSA-2019:1308) Important: thunderbird security update

2019-06-03 20:24:05

(RHSA-2019:1310) Important: thunderbird security update

2019-06-03 20:24:28

(RHSA-2019:1309) Important: thunderbird security update

2019-06-03 20:24:17

centos

thunderbird security update

2019-06-10 22:49:17

thunderbird security update

2019-06-10 22:30:16

firefox security update

2019-05-29 19:47:30

amazon

Critical: thunderbird

2019-06-11 23:24:00

openvas

CentOS Update for thunderbird CESA-2019:1310 centos6

2019-06-11 00:00:00

CentOS Update for thunderbird CESA-2019:1309 centos7

2019-06-11 00:00:00

Debian: Security Advisory (DLA-1806-1)

2019-05-28 00:00:00

debian

[SECURITY] [DLA 1800-1] firefox-esr security update

2019-05-23 09:40:35

[SECURITY] [DLA 1806-1] thunderbird security update

2019-05-27 08:46:54

[SECURITY] [DSA 4448-1] firefox-esr security update

2019-05-22 21:24:31

archlinux

[ASA-201905-8] thunderbird: multiple issues

2019-05-23 00:00:00

[ASA-201905-9] firefox: multiple issues

2019-05-23 00:00:00

osv

firefox-esr - security update

2019-05-22 00:00:00

firefox-esr - security update

2019-05-23 00:00:00

thunderbird - security update

2019-05-27 00:00:00

mageia

Updated thunderbird packages fix security vulnerabilities

2019-06-10 22:17:03

Updated firefox packages fix security vulnerabilities

2019-06-10 22:17:03

ubuntu

Thunderbird vulnerabilities

2019-05-28 00:00:00

Firefox vulnerabilities

2019-05-21 00:00:00

Firefox regression

2019-06-06 00:00:00

kaspersky

KLA11488 Multiple vulnerabilities in Mozilla Thunderbird

2019-05-21 00:00:00

KLA11487 Multiple vulnerabilities in Mozilla Firefox ESR

2019-05-21 00:00:00

KLA11486 Multiple vulnerabilities in Mozilla Firefox

2019-05-21 00:00:00

slackware

[slackware-security] mozilla-firefox

2019-05-21 23:35:28

mozilla

Security vulnerabilities fixed in Firefox ESR 60.7 — Mozilla

2019-05-21 00:00:00

Security vulnerabilities fixed in Thunderbird 60.7 — Mozilla

2019-05-21 00:00:00

Security vulnerabilities fixed in Firefox 67 — Mozilla

2019-05-21 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 60.7.0-alt1

2019-05-20 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 60.7.0-alt1

2019-05-21 00:00:00

suse

Security update for MozillaThunderbird (important)

2019-06-02 00:00:00

Security update for MozillaFirefox (important)

2019-06-10 00:00:00

Security update for MozillaThunderbird (important)

2019-06-28 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2019-05-21 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Related for PRION:CVE-2019-11691