Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2019-17021
HistoryJan 08, 2020 - 12:00 a.m.

CVE-2019-17021

2020-01-0800:00:00
ubuntu.com
ubuntu.com
8

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.3%

JSON

During the initialization of a new content process, a race condition occurs
that can allow a content process to disclose heap addresses from the parent
process. Note: this issue only occurs on Windows. Other operating systems
are unaffected.. This vulnerability affects Firefox ESR < 68.4 and Firefox
< 72.

Notes

Author Note
tyhicks mozjs contains a copy of the SpiderMonkey JavaScript engine

Related

prion 1
debiancve 1
redhatcve 1
cve 1
altlinux 2
nessus 9
kaspersky 3
mozilla 3
openvas 10
suse 2
slackware 1
prion
prion
Race condition
2020-01-08 22:15:00
debiancve
debiancve
CVE-2019-17021
2020-01-08 22:15:00
redhatcve
redhatcve
CVE-2019-17021
2020-01-07 23:09:07
cve
cve
CVE-2019-17021
2020-01-08 22:15:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.4.1-alt1
2020-01-08 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.4.1-alt1
2020-01-11 00:00:00
nessus
nessus
Mozilla Firefox ESR < 68.4 Multiple Vulnerabilities
2020-01-08 00:00:00
Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-010-01)
2020-01-13 00:00:00
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14268-1)
2021-06-10 00:00:00
kaspersky
kaspersky
KLA11629 Multiple vulnerabilities in Mozilla Firefox ESR
2020-01-07 00:00:00
KLA11635 Multiple vulnerabilities in Mozilla Thunderbird
2020-01-10 00:00:00
KLA11628 Multiple vulnerabilities in Mozilla Firefox
2020-01-07 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 68.4 — Mozilla
2020-01-07 00:00:00
Security Vulnerabilities fixed in Thunderbird 68.4.1 — Mozilla
2020-01-10 00:00:00
Security Vulnerabilities fixed in Firefox 72 — Mozilla
2020-01-07 00:00:00
openvas
openvas
Mozilla Firefox ESR Security Advisories (MFSA2020-01, MFSA2020-02) - Windows
2020-01-08 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2020:0094_1)
2020-01-27 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2020-04) - Windows
2020-01-14 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2020-01-15 00:00:00
Security update for MozillaThunderbird (important)
2020-01-22 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2020-01-11 00:19:13

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.3%

JSON
Related for UB:CVE-2019-17021
prion1debiancve1redhatcve1cve1altlinux2nessus9kaspersky3mozilla3openvas10suse2slackware1