CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-17012 – Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
https://notcve.org/view.php?id=CVE-2019-17012
04 Dec 2019 — Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Los desarrolladores de Mozilla reportaron bugs de seguridad de memoria presentes en Firefox versión 70 y Firefox ESR versión 68.2. Algunos de estos errores mostraron evidencia de... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-17010 – Mozilla: Use-after-free when performing device orientation checks
https://notcve.org/view.php?id=CVE-2019-17010
04 Dec 2019 — Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Bajo determinadas condiciones, cuando se comprueba la preferencia Resist Fingerprinting durante las verificaciones de orientación del dispositivo, una condición de carrera podría haber causado un uso de la memoria previamente l... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-17008 – Mozilla: Use-after-free in worker destruction
https://notcve.org/view.php?id=CVE-2019-17008
04 Dec 2019 — When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Cuando se usan trabajadores anidados, puede ocurrir un uso de la memoria previamente liberada durante la destrucción del trabajador. Esto resultó en un bloqueo explotable potencialmente. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-17009 – Slackware Security Advisory - mozilla-firefox Updates
https://notcve.org/view.php?id=CVE-2019-17009
04 Dec 2019 — When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Cuando se ejecuta, el servicio updater escribió el estado y los archivos de registro en una ubi... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html •
CVSS: 8.8EPSS: 1%CPEs: 25EXPL: 0CVE-2019-11745 – nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate
https://notcve.org/view.php?id=CVE-2019-11745
28 Nov 2019 — When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Al encriptar con un cifrado de bloque, si se realizó una llamada a NSC_EncryptUpdate con datos más pequeños que el tamaño del bloque, podría producirse una pequeña escritura fuera de límites. Es... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11757 – Mozilla: Use-after-free when creating index updates in IndexedDB
https://notcve.org/view.php?id=CVE-2019-11757
23 Oct 2019 — When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Siguiendo la cadena de prototipos de valor, era posible retener una referencia a una configuración regional, eliminarla y, posteriormente, hacer referencia a ella. Esto resultó en un uso de la memoria previamente libera... • https://bugzilla.mozilla.org/show_bug.cgi?id=1577107 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11762 – Mozilla: document.domain-based origin isolation has same-origin-property violation
https://notcve.org/view.php?id=CVE-2019-11762
23 Oct 2019 — If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Si dos documentos del mismo origen configuran a document.domain de manera diferente para convertirse en origen cruzado, es posible llamar arbitrariamente a DOM methods/getters/setters en la ventana ahora de origen cruzado. Esta vulnerabili... • https://bugzilla.mozilla.org/show_bug.cgi?id=1582857 • CWE-346: Origin Validation Error CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11761 – Mozilla: Unintended access to a privileged JSONView object
https://notcve.org/view.php?id=CVE-2019-11761
23 Oct 2019 — By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Mediante el uso de un formulario con un URI de datos, fue posible conseguir acceso al objeto JSONView privilegiado que había sido clonado en contenido. El impacto de exponer ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1561502 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-749: Exposed Dangerous Method or Function CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-11758 – Mozilla: Potentially exploitable crash due to 360 Total Security
https://notcve.org/view.php?id=CVE-2019-11758
23 Oct 2019 — Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2. Philipp, miembro de la comunidad de Mozilla, reportó un bug de seguridad de la memoria presente en Firefox versión 68 cuando 360 Total Securi... • https://bugzilla.mozilla.org/show_bug.cgi?id=1536227 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 0CVE-2019-11759 – Mozilla: Stack buffer overflow in HKDF output
https://notcve.org/view.php?id=CVE-2019-11759
23 Oct 2019 — An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Un atacante podría haber causado que 4 bytes de salida HMAC se escribieran más allá del final de un búfer almacenado en la pila. Esto podría ser usado por un atacante para ejecutar código arbitrario o, más probablemente, c... • https://bugzilla.mozilla.org/show_bug.cgi?id=1577953 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •