Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.6
CVSSv2

CVE-2019-17021

Published: 08/01/2020 Updated: 01/01/2022
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Subscribe to Firefox

Vulnerability Summary

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

mozilla firefox_esr

opensuse leap 15.1

Vendor Advisories

Mozilla: Security Vulnerabilities fixed in Firefox 72
Mozilla Foundation Security Advisory 2020-01 Security Vulnerabilities fixed in Firefox 72 Announced January 7, 2020 Impact high Products Firefox Fixed in Firefox 72 ...
Mozilla: Security Vulnerabilities fixed in Firefox ESR 68.4
Mozilla Foundation Security Advisory 2020-02 Security Vulnerabilities fixed in Firefox ESR 684 Announced January 7, 2020 Impact high Products Firefox ESR Fixed in Firefox ESR 684 ...
Mozilla: Security Vulnerabilities fixed in Thunderbird 68.4.1
Mozilla Foundation Security Advisory 2020-04 Security Vulnerabilities fixed in Thunderbird 6841 Announced January 10, 2020 Impact critical Products Thunderbird Fixed in Thunderbird 6841 ...

References

CWE-362https://www.mozilla.org/security/advisories/mfsa2020-01/https://bugzilla.mozilla.org/show_bug.cgi?id=1599008https://www.mozilla.org/security/advisories/mfsa2020-02/https://seclists.org/bugtraq/2020/Jan/18http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.htmlhttps://nvd.nist.govhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-01/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook