Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-11749

Опубликовано: 03 сент. 2019
Источник: redhat
CVSS3: 4.3

Описание

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5firefoxOut of support scope
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxFixedRHSA-2019:266304.09.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1748666Mozilla: Camera information available without prompting using getUserMedia

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-11749

CVSS3: 4.3
ubuntu
около 6 лет назад

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

nvd логотип

CVE-2019-11749

CVSS3: 4.3
nvd
около 6 лет назад

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

debian логотип

CVE-2019-11749

CVSS3: 4.3
debian
около 6 лет назад

A vulnerability exists in WebRTC where malicious web content can use p ...

github логотип

GHSA-4v6f-vqcf-8j87

github
больше 3 лет назад

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

fstec логотип

BDU:2020-01827

CVSS3: 6.5
fstec
около 6 лет назад

Уязвимость браузера Firefox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к информации

4.3 Medium

CVSS3