Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-11694

Опубликовано: 22 мая 2019
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 8thunderbirdNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-456->CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1712620Mozilla: Uninitialized memory leakage in Windows sandbox

EPSS

Процентиль: 60%
0.00398
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-11694

CVSS3: 7.5
ubuntu
больше 6 лет назад

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

nvd логотип

CVE-2019-11694

CVSS3: 7.5
nvd
больше 6 лет назад

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

debian логотип

CVE-2019-11694

CVSS3: 7.5
debian
больше 6 лет назад

A vulnerability exists in the Windows sandbox where an uninitialized v ...

github логотип

GHSA-7ff5-p6pm-jw35

CVSS3: 7.5
github
больше 3 лет назад

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

suse-cvrf логотип

SUSE-SU-2019:1405-1

suse-cvrf
больше 6 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 60%
0.00398
Низкий

7.5 High

CVSS3