Описание
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2019:2694 | 12.09.2019 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2019:2729 | 12.09.2019 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2019:2663 | 04.09.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
9.3 Critical
CVSS3
Связанные уязвимости
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
Given a compromised sandboxed content process due to a separate vulner ...
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
Уязвимость компонента account.firefox.com веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю нарушить целостность данных или вызвать отказ в обслуживании
EPSS
9.3 Critical
CVSS3