Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9820

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 23 июл. 2019
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

ОписаниС

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

67.0+build2-0ubuntu0.18.04.1
cosmic

released

67.0+build2-0ubuntu0.18.10.1
devel

released

67.0+build2-0ubuntu1
disco

released

67.0+build2-0ubuntu0.19.04.1
eoan

released

67.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

67.0+build2-0ubuntu1
groovy

released

67.0+build2-0ubuntu1
hirsute

released

67.0+build2-0ubuntu1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

1:60.7.0+build1-0ubuntu0.18.04.1
cosmic

released

1:60.7.0+build1-0ubuntu0.18.10.1
devel

released

1:60.7.0+build1-0ubuntu3
disco

released

1:60.7.0+build1-0ubuntu0.19.04.1
eoan

released

1:60.7.0+build1-0ubuntu3
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:60.7.0+build1-0ubuntu3
groovy

released

1:60.7.0+build1-0ubuntu3
hirsute

released

1:60.7.0+build1-0ubuntu3

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 67%
0.00554
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9820

CVSS3: 9.8
redhat
большС 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9820

CVSS3: 9.8
nvd
большС 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2019-9820

CVSS3: 9.8
debian
большС 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A use-after-free vulnerability can occur in the chrome event handler w ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-jgjx-vxj6-pmw4

CVSS3: 9.8
github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2019-04635

CVSS3: 9.8
fstec
большС 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΎΠ±Ρ€Π°Π±ΠΎΡ‚Ρ‡ΠΈΠΊΠ° событий Π±Ρ€Π°ΡƒΠ·Π΅Ρ€ΠΎΠ² Firefox, Firefox ESR ΠΈ ΠΏΠΎΡ‡Ρ‚ΠΎΠ²ΠΎΠ³ΠΎ ΠΊΠ»ΠΈΠ΅Π½Ρ‚Π° Thunderbird, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ Π²Ρ‹Π·Π²Π°Ρ‚ΡŒ ΠΎΡ‚ΠΊΠ°Π· Π² обслуТивании

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 67%
0.00554
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2019-9820