CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11760 – Mozilla: Stack buffer overflow in WebRTC networking
https://notcve.org/view.php?id=CVE-2019-11760
23 Oct 2019 — A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Un búfer de pila de tamaño fijo podría desbordarse en nrappkit cuando realiza la señalización de WebRTC. Esto resultó en un bloqueo explotable potencialmente en algunos casos. • https://bugzilla.mozilla.org/show_bug.cgi?id=1577719 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11763 – Mozilla: Incorrect HTML parsing results in XSS bypass technique
https://notcve.org/view.php?id=CVE-2019-11763
23 Oct 2019 — Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Si no se ma... • https://bugzilla.mozilla.org/show_bug.cgi?id=1584216 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2019-11764 – Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
https://notcve.org/view.php?id=CVE-2019-11764
23 Oct 2019 — Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron bugs de seguridad de memoria presentes en Firefox versión 69 y Firefox ESR versión 68.1. A... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1558522%2C1577061%2C1548044%2C1571223%2C1573048%2C1578933%2C1575217%2C1583684%2C1586845%2C1581950%2C1583463%2C1586599 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11736
https://notcve.org/view.php?id=CVE-2019-11736
27 Sep 2019 — The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11751
https://notcve.org/view.php?id=CVE-2019-11751
27 Sep 2019 — Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder.
*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. Los parámetros de línea de comando relacionados con el Inicio de Sesión no son saneados apro... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11753
https://notcve.org/view.php?id=CVE-2019-11753
27 Sep 2019 — The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-11742 – Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images
https://notcve.org/view.php?id=CVE-2019-11742
04 Sep 2019 — A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. Se presenta una violación de la política del mismo origen, que permite el robo de imágenes d... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11749 – Mozilla: Camera information available without prompting using getUserMedia
https://notcve.org/view.php?id=CVE-2019-11749
04 Sep 2019 — A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. Se presenta una vulnerabilidad en WebRTC donde el contenido web malicioso puede utilizar técnicas de sondeo en la API getUserMedia usando restricciones para rev... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-9812 – Mozilla Firefox sync Universal Cross-Site Scripting Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-9812
04 Sep 2019 — Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69. Dado un proceso de contenido ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1538008 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11750 – Mozilla: Type confusion in Spidermonkey
https://notcve.org/view.php?id=CVE-2019-11750
04 Sep 2019 — A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1. Se presenta una vulnerabilidad de confusión de tipos en Spidermonkey, lo que resulta en un bloqueo no explotable. Esta vulnerabilidad afecta a Firefox versiones anteriores a 69 y Firefox ESR versiones anteriores a 68.1. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-908: Use of Uninitialized Resource •