CVE-2019-17015

Опубликовано: 07 янв. 2020

Источник: redhat

CVSS3: 8.8

Описание

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	firefox	Not affected
Red Hat Enterprise Linux 5	thunderbird	Not affected
Red Hat Enterprise Linux 6	firefox	Not affected
Red Hat Enterprise Linux 6	thunderbird	Not affected
Red Hat Enterprise Linux 7	firefox	Not affected
Red Hat Enterprise Linux 7	thunderbird	Not affected
Red Hat Enterprise Linux 8	firefox	Not affected
Red Hat Enterprise Linux 8	thunderbird	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1788722Mozilla: Memory corruption in parent process during new content process initialization on Windows

8.8 High

CVSS3

Связанные уязвимости

CVE-2019-17015

CVSS3: 8.8

ubuntu

около 6 лет назад

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CVE-2019-17015

CVSS3: 8.8

nvd

около 6 лет назад

CVE-2019-17015

CVSS3: 8.8

debian

около 6 лет назад

During the initialization of a new content process, a pointer offset c ...

GHSA-6jgc-63f5-7hch

github

больше 3 лет назад

BDU:2022-05733

CVSS3: 8.8

fstec

около 6 лет назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с записью данных за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

8.8 High

CVSS3