Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2019-17015

Published: 08/01/2020 Updated: 13/01/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Mozilla

Vulnerability Summary

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

mozilla firefox_esr

Vendor Advisories

Mozilla: Security Vulnerabilities fixed in Firefox 72
Mozilla Foundation Security Advisory 2020-01 Security Vulnerabilities fixed in Firefox 72 Announced January 7, 2020 Impact high Products Firefox Fixed in Firefox 72 ...
Mozilla: Security Vulnerabilities fixed in Firefox ESR 68.4
Mozilla Foundation Security Advisory 2020-02 Security Vulnerabilities fixed in Firefox ESR 684 Announced January 7, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 684 ...
Mozilla: Security Vulnerabilities fixed in Thunderbird 68.4.1
Mozilla Foundation Security Advisory 2020-04 Security Vulnerabilities fixed in Thunderbird 6841 Announced January 10, 2020 Impact critical Products Thunderbird Fixed in Thunderbird 6841 ...

References

CWE-787https://bugzilla.mozilla.org/show_bug.cgi?id=1599005https://www.mozilla.org/security/advisories/mfsa2020-01/https://www.mozilla.org/security/advisories/mfsa2020-02/https://seclists.org/bugtraq/2020/Jan/18http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.htmlhttps://nvd.nist.govhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-01/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook