CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11698 – Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks
https://notcve.org/view.php?id=CVE-2019-11698
If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. Si un hipervínculo especialmente diseñado se arrastra y suelta en la barra de marcadores o en la barra lateral y el marcador resultante se arrastra y suelta posteriormente en el área de contenido web, se puede ejecutar una consulta arbitraria del historial del navegador de un usuario y transmitirla a la página de contenido a través de los datos del evento. . Esto permite el robo del historial del navegador por un sitio malicioso. • https://bugzilla.mozilla.org/show_bug.cgi?id=1543191 https://www.mozilla.org/security/advisories/mfsa2019-13 https://www.mozilla.org/security/advisories/mfsa2019-14 https://www.mozilla.org/security/advisories/mfsa2019-15 https://access.redhat.com/security/cve/CVE-2019-11698 https://bugzilla.redhat.com/show_bug.cgi?id=1712621 • CWE-20: Improper Input Validation CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11691 – Mozilla: Use-after-free in XMLHttpRequest
https://notcve.org/view.php?id=CVE-2019-11691
A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. Puede ocurrir una vulnerabilidad de uso después de liberarse cuando se trabaja con XMLHttpRequest (XHR) en un bucle de eventos, lo que hace que se llame al subproceso principal de XHR después de que se haya liberado. Esto da lugar a una caída potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1542465 https://www.mozilla.org/security/advisories/mfsa2019-13 https://www.mozilla.org/security/advisories/mfsa2019-14 https://www.mozilla.org/security/advisories/mfsa2019-15 https://access.redhat.com/security/cve/CVE-2019-11691 https://bugzilla.redhat.com/show_bug.cgi?id=1712617 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-9820 – Mozilla: Use-after-free of ChromeEventHandler by DocShell
https://notcve.org/view.php?id=CVE-2019-9820
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. Puede ocurrir una vulnerabilidad de uso de la memoria previamente liberada en el controlador de eventos de Chrome cuando se libera mientras aún está en uso. Esto resulta en un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1536405 https://www.mozilla.org/security/advisories/mfsa2019-13 https://www.mozilla.org/security/advisories/mfsa2019-14 https://www.mozilla.org/security/advisories/mfsa2019-15 https://access.redhat.com/security/cve/CVE-2019-9820 https://bugzilla.redhat.com/show_bug.cgi?id=1712629 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-9794
https://notcve.org/view.php?id=CVE-2019-9794
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. • https://bugzilla.mozilla.org/show_bug.cgi?id=1530103 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-9801
https://notcve.org/view.php?id=CVE-2019-9801
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. • https://bugzilla.mozilla.org/show_bug.cgi?id=1527717 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 • CWE-20: Improper Input Validation •