CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-9801
https://notcve.org/view.php?id=CVE-2019-9801
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. • https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 93%CPEs: 11EXPL: 6CVE-2019-9810 – Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-9810
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. La información incorrecta de alias en el compilador IonMonkey JIT para el método Array.prototype.slice puede llevar a la falta de comprobación de límites y a un desbordamiento del búfer. Esta vulnerabilidad afecta a Firefox versiones anteriores a 66.0.1, Firefox ESR versiones anteriores a 60.6.1 y Thunderbird versiones anteriores a 60.6.1. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. • https://www.exploit-db.com/exploits/46605 https://www.exploit-db.com/exploits/47752 https://github.com/0vercl0k/CVE-2019-9810 https://github.com/xuechiyaobai/CVE-2019-9810-PoC http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1537924 https://www.mozilla.org/security/advisories/mfsa2019-09 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 59%CPEs: 3EXPL: 1CVE-2019-9813 – Mozilla Firefox IonMonkey Optimizer Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-9813
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. Un manejo incorrecto de __proto__ mutations puede llevar a confusión de tipo en el código IonMonkey JIT, y puede aprovecharse para la lectura y escritura de memoria arbitraria. Esta vulnerabilidad afecta a Firefox versiones anteriores a 66.0.1, Firefox ESR versiones anteriores a 60.6.1 y Thunderbird versiones anteriores a 60.6.1. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. • https://www.exploit-db.com/exploits/46646 https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1538006 https://www.mozilla.org/security/advisories/mfsa2019-09 https://www.mozilla.org/security/advisories/mfsa2019-10 https://www.mozilla.org/security/advisories/mfsa2019-12 https://access.redhat.com/security/cve/CVE-2019-9813 https://bugzilla.redhat.com/show_bug.cgi?id=1692182 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 22%CPEs: 11EXPL: 3CVE-2019-9791 – Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
https://notcve.org/view.php?id=CVE-2019-9791
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. El sistema de inferencia de tipos permite la recopilación de funciones que pueden generar confusiones de tipo entre objetos arbitrarios cuando se compilan por medio del compilador IonMonkey just-in-time (JIT) y cuando se ingresa a la función constructor mediante el reemplazo en la pila (OSR). Esto permite una posible lectura y escritura arbitrarias de objetos durante un bloqueo explotable. • https://www.exploit-db.com/exploits/46613 https://github.com/Sp0pielar/CVE-2019-9791 https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1530958 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 https://access.redhat.com/security/cve/CVE-2019-9791 https://bugzilla.redhat. • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-9795 – Mozilla: Type-confusion in IonMonkey JIT compiler
https://notcve.org/view.php?id=CVE-2019-9795
A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. Una vulnerabilidad de confusión de tipo en compilador IonMonkey just-in-time (JIT) podría ser utilizado por JavaScript malicioso para desencadenar un fallo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 60.6, Firefox ESR versiones anteriores a 60.6 y Firefox versiones anteriores a 66. • https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1514682 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 https://access.redhat.com/security/cve/CVE-2019-9795 https://bugzilla.redhat.com/show_bug.cgi?id=1690680 • CWE-617: Reachable Assertion CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •