CVE-2019-11746
Mozilla: Use-after-free while manipulating video
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
Se puede presentar una vulnerabilidad de uso de la memoria previamente liberada después de manipular elementos de video si el cuerpo es liberado mientras todavía se encuentra en uso. Esto resulta en un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox versiones anteriores a 69, Thunderbird versiones anteriores a 68.1, Thunderbird versiones anteriores a 60.9, Firefox versiones anteriores a 60.9 y Firefox ESR versiones anteriores a 68.1.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-05-03 CVE Reserved
- 2019-09-04 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (13)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | < 69.0 Search vendor "Mozilla" for product "Firefox" and version " < 69.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | < 60.9.0 Search vendor "Mozilla" for product "Firefox Esr" and version " < 60.9.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | >= 68.0 < 68.1.0 Search vendor "Mozilla" for product "Firefox Esr" and version " >= 68.0 < 68.1.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | < 60.9.0 Search vendor "Mozilla" for product "Thunderbird" and version " < 60.9.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | >= 68.0 < 68.1.0 Search vendor "Mozilla" for product "Thunderbird" and version " >= 68.0 < 68.1.0" | - |
Affected
|