Mozilla developers and community members reported memory safety bugs
present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs
showed evidence of memory corruption and we presume that with enough effort
that some of these could be exploited to run arbitrary code. This
vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9,
Firefox ESR < 60.9, and Firefox ESR < 68.1.
Author | Note |
---|---|
tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | firefox | < 69.0+build2-0ubuntu0.18.04.1 | UNKNOWN |
ubuntu | 19.04 | noarch | firefox | < 69.0+build2-0ubuntu0.19.04.1 | UNKNOWN |
ubuntu | 19.10 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 20.04 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 20.10 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 21.04 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 21.10 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 22.04 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 22.10 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
ubuntu | 23.04 | noarch | firefox | < 69.0.1+build1-0ubuntu2 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2019-11740
nvd.nist.gov/vuln/detail/CVE-2019-11740
security-tracker.debian.org/tracker/CVE-2019-11740
ubuntu.com/security/notices/USN-4122-1
ubuntu.com/security/notices/USN-4150-1
www.cve.org/CVERecord?id=CVE-2019-11740
www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11740
www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11740