Vulnerability CVE-2019-17015: Information
Description
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1599005 |
|
https://www.mozilla.org/security/advisories/mfsa2020-01/ |
|
https://www.mozilla.org/security/advisories/mfsa2020-02/ |
|
20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01) |
|
http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html | |
openSUSE-SU-2020:0060 | |
openSUSE-SU-2020:0094 |