Lucene search

K

Veracode Vulnerability DatabaseVERACODE:19494

HistoryMay 16, 2019 - 3:18 a.m.

Memory Corruption

2019-05-1603:18:10

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

Mozilla Firefox is vulnerable to memory corruption vulnerability. The vulnerability exists in an unknown code block of the component Unicode Converter. This occurs during the conversion of scripts to an internal UTF-16 representation which leads to a possible out-of-bounds write.

CPENameOperatorVersion
firefoxeq38.6.1__1.el6_7
firefoxeq3.6.17__1.el6_0
firefoxeq31.5.0__1.el6_6
firefoxeq24.4.0__1.el6_5
firefoxeq38.7.0__1.el6_7
firefoxeq10.0.8__1.el6_3
firefoxeq10.0.5__1.el6_2
firefoxeq3.6.14__4.el6_0
firefoxeq17.0.10__1.el6_4
firefoxeq38.1.1__1.el6_7

Rows per page:

1-10 of 3561

References

www.securityfocus.com/bid/105718

www.securityfocus.com/bid/105769

www.securitytracker.com/id/1041944

access.redhat.com/errata/RHSA-2018:3005

access.redhat.com/errata/RHSA-2018:3006

access.redhat.com/errata/RHSA-2018:3531

access.redhat.com/errata/RHSA-2018:3532

access.redhat.com/security/updates/classification/#critical

bugzilla.mozilla.org/show_bug.cgi?id=1495011

bugzilla.redhat.com/show_bug.cgi?id=1638082

lists.debian.org/debian-lts-announce/2018/11/msg00008.html

lists.debian.org/debian-lts-announce/2018/11/msg00011.html

security.gentoo.org/glsa/201811-04

security.gentoo.org/glsa/201811-13

usn.ubuntu.com/3801-1/

usn.ubuntu.com/3868-1/

www.debian.org/security/2018/dsa-4324

www.debian.org/security/2018/dsa-4337

www.mozilla.org/en-US/security/advisories/mfsa2018-27/

www.mozilla.org/security/advisories/mfsa2018-26/

www.mozilla.org/security/advisories/mfsa2018-27/

www.mozilla.org/security/advisories/mfsa2018-28/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

Related for VERACODE:19494

cve1 openvas24 redhatcve1 ubuntucve1 debiancve1 prion1 nessus47 debian4 redhat4 osv4 oraclelinux4 centos4 amazon1 mozilla3 altlinux2 kaspersky2 suse3 ibm1 gentoo2 mageia2 ubuntu3 freebsd1