Lucene search
PRIOn knowledge basePRION:CVE-2019-9812HistoryJan 08, 2020 - 10:15 p.m.
Code injection
2020-01-0822:15:00
PRIOn knowledge base
www.prio-n.com
12
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 69.0 | |
| firefox_esr | lt | 60.9 | |
| firefox_esr | ge | 61.0 | |
| firefox_esr | lt | 68.1 |
Related
veracode
veracode
Sandbox Restrictions Bypass
2019-09-11 00:06:45
redhatcve
redhatcve
CVE-2019-9812
2019-09-04 01:23:47
zdi
zdi
alpinelinux
alpinelinux
CVE-2019-9812
2020-01-08 22:15:13
cve
cve
CVE-2019-9812
2020-01-08 22:15:13
debiancve
debiancve
CVE-2019-9812
2020-01-08 22:15:13
cvelist
cvelist
CVE-2019-9812
2020-01-08 21:41:06
ubuntucve
ubuntucve
CVE-2019-9812
2019-09-04 00:00:00
nvd
nvd
CVE-2019-9812
2020-01-08 22:15:13
debian
debian
[SECURITY] [DLA 1910-1] firefox-esr security update
2019-09-06 09:37:16
[SECURITY] [DSA 4516-1] firefox-esr security update
2019-09-05 19:00:06
openvas
openvas
Debian: Security Advisory (DLA-1910-1)
2019-09-07 00:00:00
Mozilla Firefox ESR Security Advisories - 1 - (MFSA2019-25, MFSA2019-27) - Mac OS X
2019-09-05 00:00:00
Debian: Security Advisory (DSA-4516-1)
2019-09-07 00:00:00
osv
osv
firefox-esr - security update
2019-09-06 00:00:00
firefox-esr - security update
2019-09-05 00:00:00
nessus
nessus
GLSA-201911-07 : Mozilla Firefox: Multiple vulnerabilities
2019-11-25 00:00:00
Debian DLA-1910-1 : firefox-esr security update
2019-09-09 00:00:00
Debian DSA-4516-1 : firefox-esr - security update
2019-09-06 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2019-11-25 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2019-09-12 22:09:52
Updated firefox packages fix security vulnerabilities
2019-09-12 22:09:52
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.9 — Mozilla
2019-09-03 00:00:00
Security vulnerabilities fixed in Firefox ESR 68.1 — Mozilla
2019-09-03 00:00:00
Security vulnerabilities fixed in Firefox 69 — Mozilla
2019-09-03 00:00:00
oraclelinux
oraclelinux
firefox security update
2019-09-11 00:00:00
firefox security update
2019-09-10 00:00:00
firefox security update
2019-09-06 00:00:00
centos
centos
firefox security update
2019-09-17 21:47:04
firefox security update
2019-09-18 21:10:48
redhat
redhat
(RHSA-2019:2729) Important: firefox security update
2019-09-11 07:15:24
(RHSA-2019:2694) Important: firefox security update
2019-09-10 06:57:37
(RHSA-2019:2663) Important: firefox security update
2019-09-04 20:00:30
ibm
ibm
archlinux
archlinux
[ASA-201909-2] firefox: multiple issues
2019-09-04 00:00:00
ubuntu
ubuntu
Firefox regression
2019-10-08 00:00:00
Firefox vulnerabilities
2019-09-04 00:00:00
kaspersky
kaspersky
KLA11545 Multiple vulnerabilities in Mozilla Firefox ESR
2019-09-03 00:00:00
KLA11546 Multiple vulnerabilities in Mozilla Firefox
2019-09-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.1.0-alt1
2019-09-04 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2019-09-03 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2019-10-06 00:00:00
Security update for MozillaFirefox (important)
2019-10-05 00:00:00