Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-9798

Опубликовано: 26 апр. 2019
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.4

Описание

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. Note: This issue only affects Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 66.

РелизСтатусПримечание
bionic

not-affected

cosmic

not-affected

devel

not-affected

disco

not-affected

eoan

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
esm-infra/focal

DNE

focal

not-affected

groovy

not-affected

hirsute

not-affected

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 41%
0.00194
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-9798

CVSS3: 7.4
nvd
почти 7 лет назад

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.

debian логотип

CVE-2019-9798

CVSS3: 7.4
debian
почти 7 лет назад

On Android systems, Firefox can load a library from APITRACE_LIB, whic ...

github логотип

GHSA-6c53-pfqv-mx96

github
больше 3 лет назад

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.

fstec логотип

BDU:2019-01950

CVSS3: 9.8
fstec
почти 7 лет назад

Уязвимость программного обеспечения Firefox, Firefox ESR и Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 41%
0.00194
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3