When following the value’s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

CPENameOperatorVersion
ubuntu_linuxeq16.04
firefoxlt70.0
firefox_esrlt68.2
thunderbirdlt68.2

Name	Operator	Version
ubuntu_linux	eq	16.04
firefox	lt	70.0
firefox_esr	lt	68.2
thunderbird	lt	68.2

References

bugzilla.mozilla.org/show_bug.cgi?id=1577107

security.gentoo.org/glsa/202003-10

usn.ubuntu.com/4335-1/

www.mozilla.org/security/advisories/mfsa2019-33/

www.mozilla.org/security/advisories/mfsa2019-34/

www.mozilla.org/security/advisories/mfsa2019-35/

cvelist 1

cve 1

veracode 1

nvd 1

ubuntucve 1

redhatcve 1

alpinelinux 1

debiancve 1

ibm 1

debian 4

archlinux 2

nessus 53

redhat 6

oraclelinux 5

openvas 29

osv 4

centos 4

suse 4

amazon 1

mageia 2

kaspersky 3

slackware 1

mozilla 3

altlinux 2

ubuntu 4

threatpost 1

gentoo 1

cvelist

CVE-2019-11757

2020-01-08 19:26:23

cve

CVE-2019-11757

2020-01-08 20:15:12

veracode

Denial Of Service (DoS)

2019-10-24 00:22:26

nvd

CVE-2019-11757

2020-01-08 20:15:12

ubuntucve

CVE-2019-11757

2019-10-22 00:00:00

redhatcve

CVE-2019-11757

2019-10-23 06:20:51

alpinelinux

CVE-2019-11757

2020-01-08 20:15:12

debiancve

CVE-2019-11757

2020-01-08 20:15:12

ibm

Security Bulletin: Multiple vulnerabilities of Mozzila Firefox (less than Firefox 68.2.0 ESR) have affected Synthetic Playback Agent 8.1.4.0 - 8.1.4 IF09

2019-12-19 05:23:04

debian

[SECURITY] [DSA 4549-1] firefox-esr security update

2019-10-24 20:43:48

[SECURITY] [DLA 1987-1] firefox-esr security update

2019-11-10 09:50:09

[SECURITY] [DSA 4571-1] thunderbird security update

2019-11-17 21:55:35

archlinux

[ASA-201910-15] thunderbird: multiple issues

2019-10-26 00:00:00

[ASA-201910-16] firefox: multiple issues

2019-10-26 00:00:00

nessus

Debian DSA-4549-1 : firefox-esr - security update

2019-10-28 00:00:00

Debian DLA-1987-1 : firefox-esr security update

2019-11-12 00:00:00

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2019-0216)

2019-12-02 00:00:00

redhat

(RHSA-2019:3281) Critical: firefox security update

2019-10-31 13:19:24

(RHSA-2019:3237) Important: thunderbird security update

2019-10-29 13:29:02

(RHSA-2019:3196) Critical: firefox security update

2019-10-24 08:09:07

oraclelinux

firefox security update

2019-10-23 00:00:00

firefox security update

2019-10-24 00:00:00

thunderbird security update

2019-10-30 00:00:00

openvas

Debian: Security Advisory (DLA-1987-1)

2019-11-11 00:00:00

CentOS Update for firefox CESA-2019:3281 centos6

2019-11-02 00:00:00

Debian: Security Advisory (DSA-4549-1)

2019-10-26 00:00:00

osv

firefox-esr - security update

2019-10-24 00:00:00

firefox-esr - security update

2019-11-10 00:00:00

thunderbird - security update

2019-11-18 00:00:00

centos

firefox security update

2019-11-01 22:26:11

thunderbird security update

2019-10-31 14:48:49

thunderbird security update

2019-11-14 01:20:42

suse

2019-11-09 00:00:00

Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)

2019-11-09 00:00:00

amazon

Important: thunderbird

2019-12-13 19:41:00

mageia

Updated thunderbird packages fix security vulnerabilities

2019-11-08 02:36:48

Updated firefox packages fix security vulnerabilities

2019-11-08 02:36:48

kaspersky

KLA11591 Multiple vulnerabilities in Mozilla Thunderbird

2019-09-22 00:00:00

KLA11590 Multiple vulnerabilities in Mozilla Firefox ESR

2019-10-22 00:00:00

KLA11589 Multiple vulnerabilities in Mozilla Firefox

2019-10-22 00:00:00

slackware

[slackware-security] mozilla-firefox

2019-10-22 19:35:11

mozilla

Security vulnerabilities fixed in - Firefox ESR 68.2 — Mozilla

2019-10-22 00:00:00

Security vulnerabilities fixed in - Thunderbird 68.2 — Mozilla

2019-10-22 00:00:00

Security vulnerabilities fixed in - Firefox 70 — Mozilla

2019-10-22 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 68.2.2-alt1

2019-11-09 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 68.2.0-alt1

2019-10-27 00:00:00

ubuntu

Thunderbird vulnerabilities

2019-11-26 00:00:00

Thunderbird regression

2019-12-10 00:00:00

Firefox vulnerabilities

2019-10-23 00:00:00

threatpost

Critical Firefox Bugs Allow Arbitrary Code-Execution

2019-10-23 14:05:13

gentoo

Mozilla Thunderbird: Multiple vulnerabilities

2020-03-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.1 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for PRION:CVE-2019-11757