Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html

lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html

access.redhat.com/errata/RHSA-2020:0292

access.redhat.com/errata/RHSA-2020:0295

bugzilla.mozilla.org/show_bug.cgi?id=1581084

security.gentoo.org/glsa/202003-02

security.gentoo.org/glsa/202003-10

usn.ubuntu.com/4241-1/

usn.ubuntu.com/4335-1/

www.mozilla.org/security/advisories/mfsa2019-36/

www.mozilla.org/security/advisories/mfsa2019-37/

www.mozilla.org/security/advisories/mfsa2019-38/

alpinelinux 1

nvd 1

cve 1

redhatcve 1

cvelist 1

ubuntucve 1

veracode 1

debiancve 1

ibm 1

nessus 56

redhat 8

centos 4

openvas 27

osv 4

oraclelinux 6

debian 4

amazon 1

archlinux 2

mageia 2

suse 2

kaspersky 3

mozilla 3

altlinux 2

slackware 1

ubuntu 4

gentoo 2

alpinelinux

CVE-2019-17010

2020-01-08 22:15:11

nvd

CVE-2019-17010

2020-01-08 22:15:11

cve

CVE-2019-17010

2020-01-08 22:15:11

redhatcve

CVE-2019-17010

2020-03-08 07:34:42

cvelist

CVE-2019-17010

2020-01-08 21:23:23

ubuntucve

CVE-2019-17010

2019-12-04 00:00:00

veracode

Denial Of Service (DoS)

2019-12-06 00:16:43

debiancve

CVE-2019-17010

2020-01-08 22:15:11

ibm

Security Bulletin: Multiple vulnerabilities of Mozzila Firefox (less than Firefox 68.3 ESR) have affected Synthetic Playback Agent 8.1.4.0 - 8.1.4 IF10 + ICAM 3.0 - 4.0

2020-02-28 08:49:25

nessus

Oracle Linux 8 : thunderbird (ELSA-2019-4195)

2019-12-12 00:00:00

CentOS 7 : thunderbird (CESA-2019:4148)

2019-12-27 00:00:00

RHEL 6 : thunderbird (RHSA-2019:4205)

2019-12-12 00:00:00

redhat

(RHSA-2019:4148) Important: thunderbird security update

2019-12-10 10:00:29

(RHSA-2019:4205) Important: thunderbird security update

2019-12-11 09:58:37

(RHSA-2019:4108) Critical: firefox security update

2019-12-05 15:00:15

centos

thunderbird security update

2019-12-24 15:58:02

thunderbird security update

2019-12-24 15:18:09

firefox security update

2019-12-24 15:58:51

openvas

CentOS Update for firefox CESA-2019:4107 centos7

2020-01-08 00:00:00

CentOS Update for thunderbird CESA-2019:4148 centos7

2020-01-08 00:00:00

Debian: Security Advisory (DLA-2036-1)

2019-12-17 00:00:00

osv

firefox-esr - security update

2019-12-09 00:00:00

firefox-esr - security update

2019-12-10 00:00:00

thunderbird - security update

2019-12-15 00:00:00

oraclelinux

firefox security update

2019-12-05 00:00:00

firefox security update

2019-12-06 00:00:00

thunderbird security update

2019-12-11 00:00:00

debian

[SECURITY] [DSA 4585-1] thunderbird security update

2019-12-15 17:49:13

[SECURITY] [DSA 4580-1] firefox-esr security update

2019-12-09 19:59:41

[SECURITY] [DLA 2036-1] thunderbird security update

2019-12-16 12:25:29

amazon

Important: thunderbird

2020-01-14 20:08:00

archlinux

[ASA-201912-2] thunderbird: arbitrary code execution

2019-12-06 00:00:00

[ASA-201912-1] firefox: multiple issues

2019-12-03 00:00:00

mageia

Updated thunderbird packages fix security vulnerabilities

2019-12-08 21:12:18

Updated firefox packages fix security vulnerabilities

2019-12-08 21:12:18

suse

Security update for MozillaThunderbird (important)

2020-01-09 00:00:00

Security update for MozillaFirefox (important)

2020-01-09 00:00:00

kaspersky

KLA11612 Multiple vulnerabilities in Mozilla Firefox ESR

2019-12-03 00:00:00

KLA11613 Multiple vulnerabilities in Mozilla Thunderbird

2019-11-09 00:00:00

KLA11611 Multiple vulnerabilities in Mozilla Firefox

2019-12-03 00:00:00

mozilla

Security Vulnerabilities fixed in - Firefox ESR 68.3 — Mozilla

2019-12-03 00:00:00

Security Vulnerabilities fixed in - Thunderbird 68.3 — Mozilla

2019-12-03 00:00:00

Security Vulnerabilities fixed in - Firefox 71 — Mozilla

2019-12-03 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 68.3.1-alt1

2019-12-23 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 68.3.0-alt1

2019-12-05 00:00:00

slackware

[slackware-security] mozilla-firefox

2019-12-03 19:30:37

ubuntu

Firefox vulnerabilities

2019-12-09 00:00:00

Firefox vulnerabilities

2019-12-13 00:00:00

Thunderbird vulnerabilities

2020-01-16 00:00:00

gentoo

Mozilla Firefox: Multiple vulnerabilities

2020-03-12 00:00:00

Mozilla Thunderbird: Multiple vulnerabilities

2020-03-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.4

Confidence

High

EPSS

0.01

Percentile

84.0%

JSON

Related for PRION:CVE-2019-17010