Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2019-11727

Published: 23/07/2019 Updated: 30/07/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Firefox

Vulnerability Summary

A sandbox escape exists in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. (CVE-2019-9811)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

Vendor Advisories

Red Hat: Moderate: nss and nspr security, bug fix, and enhancement update
Synopsis Moderate: nss and nspr security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate ...
Red Hat: Moderate: nss and nspr security, bug fix, and enhancement update
Synopsis Moderate: nss and nspr security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for nss and nspr is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix update
Synopsis Low: OpenShift Container Platform 4340 security and bug fix update Type/Severity Security Advisory: Low Topic An update is now available for Red Hat OpenShift Container Platform 43Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring S ...
Red Hat: Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)
Synopsis Moderate: security update - Red Hat Ansible Tower 36 runner release (CVE-2019-18874) Type/Severity Security Advisory: Moderate Topic Red Hat Ansible Tower 36 runner release (CVE-2019-18874) Description Updated python-psutil version to 566 inside ansible-runner container(CVE-20 ...
Red Hat: Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)
Synopsis Moderate: security update - Red Hat Ansible Tower 37 runner release (CVE-2019-18874) Type/Severity Security Advisory: Moderate Topic Red Hat Ansible Tower 37 runner release (CVE-2019-18874) Description Updated python-psutil version to 566 inside ansible-runner container (CVE-2 ...
Ubuntu Security Notice: nss vulnerabilities
Several security issues were fixed in NSS ...
Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Ubuntu Security Notice: firefox regressions
USN-4054-1 caused some minor regressions in Firefox ...
Amazon Linux 2: ALAS2-2020-1559
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library This could lead to information disclosure This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11719) A vulnerability exi ...
Amazon Linux AMI: ALAS-2021-1522
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library This could lead to information disclosure This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11719) A vulnerability exi ...
Arch Linux Issues:
A vulnerability exists in Firefox before 680 where it is possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v15 signatures when those are the only ones advertised by server in CertificateRequest in TLS 13 PKCS#1 v15 signatures should not be used for TLS 13 messages ...
Mozilla: Security vulnerabilities fixed in Firefox 68
Mozilla Foundation Security Advisory 2019-21 Security vulnerabilities fixed in Firefox 68 Announced July 9, 2019 Impact critical Products Firefox Fixed in Firefox 68 ...
Mozilla: Security vulnerabilities fixed in Thunderbird 68
Mozilla Foundation Security Advisory 2019-28 Security vulnerabilities fixed in Thunderbird 68 Announced August 27, 2019 Impact critical Products Thunderbird Fixed in Thunderbird 68 ...

References

CWE-295https://www.mozilla.org/security/advisories/mfsa2019-21/https://bugzilla.mozilla.org/show_bug.cgi?id=1552208https://access.redhat.com/errata/RHSA-2019:1951https://security.gentoo.org/glsa/201908-12http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.htmlhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:4076https://usn.ubuntu.com/4060-1/https://usn.ubuntu.com/4054-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook