Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-9816

Опубликовано: 22 мая 2019
Источник: redhat
CVSS3: 5.9

Описание

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 8thunderbirdNot affected
Red Hat Enterprise Linux 6firefoxFixedRHSA-2019:126723.05.2019
Red Hat Enterprise Linux 7firefoxFixedRHSA-2019:126523.05.2019
Red Hat Enterprise Linux 8firefoxFixedRHSA-2019:126923.05.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-843
https://bugzilla.redhat.com/show_bug.cgi?id=1712625Mozilla: Type confusion with object groups and UnboxedObjects

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-9816

CVSS3: 5.9
ubuntu
около 6 лет назад

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

nvd логотип

CVE-2019-9816

CVSS3: 5.9
nvd
около 6 лет назад

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

debian логотип

CVE-2019-9816

CVSS3: 5.9
debian
около 6 лет назад

A possible vulnerability exists where type confusion can occur when ma ...

github логотип

GHSA-w463-rqrr-mc27

github
около 3 лет назад

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

fstec логотип

BDU:2019-04638

CVSS3: 5.9
fstec
около 6 лет назад

Уязвимость функций работы с объектами JavaScript браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальной информации и вызвать отказ в обслуживании

5.9 Medium

CVSS3