Showing 1 - 6 of 6

CVE-2019-9812

Status Candidate

Overview

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.

Related Files

Gentoo Linux Security Advisory 201911-07: Posted Nov 25, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201911-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.2.0 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812; SHA-256 | 9815af517624908083cc883423c0c80bae85042b8c09ae7637419e71ddcbe392; Download | Favorite | View

Red Hat Security Advisory 2019-2729-01: Posted Sep 11, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.; tags | advisory, web, vulnerability, xss; systems | linux, redhat; advisories | CVE-2019-11733, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812; SHA-256 | 610ee7c9f39b9a684b2af7c8b4229cccbd8151636e4f5214e7c64bf23b7c35d9; Download | Favorite | View

Red Hat Security Advisory 2019-2694-01: Posted Sep 10, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2694-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Issues addressed include cross site scripting and use-after-free vulnerabilities.; tags | advisory, web, vulnerability, xss; systems | linux, redhat; advisories | CVE-2019-11733, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812; SHA-256 | e2605dbccfed78c228a00c3550939694726399e9b8d7229f47b0312ecbf2879b; Download | Favorite | View

Debian Security Advisory 4516-1: Posted Sep 6, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4516-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service.; tags | advisory, web, denial of service, arbitrary, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11752, CVE-2019-9812; SHA-256 | fdf02e607914d7c6918476e9a49d8519122450a5482135a234e0fcc44c9b6bc1; Download | Favorite | View

Ubuntu Security Notice USN-4122-1: Posted Sep 4, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4122-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, bypass Content Security Policy protections, bypass same-origin restrictions, conduct cross-site scripting attacks, cause a denial of service, or execute arbitrary code. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary, xss; systems | linux, ubuntu; advisories | CVE-2019-11734, CVE-2019-11735, CVE-2019-11737, CVE-2019-11740, CVE-2019-11741, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11747, CVE-2019-11748, CVE-2019-11749, CVE-2019-9812; SHA-256 | 36f7b263210e2345871a9d8a207894684105c082f35ff31ad7fbc21f3ae0cbe0; Download | Favorite | View

Red Hat Security Advisory 2019-2663-01: Posted Sep 4, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2663-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Issues addressed include bypass, cross site scripting, and use-after-free vulnerabilities.; tags | advisory, web, vulnerability, xss; systems | linux, redhat; advisories | CVE-2019-11735, CVE-2019-11738, CVE-2019-11740, CVE-2019-11742, CVE-2019-11743, CVE-2019-11744, CVE-2019-11746, CVE-2019-11747, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11752, CVE-2019-9812; SHA-256 | 1e7df8c31050ef3e210f299df41f0f0c8a392aebf25c80e8580cb763d01e6164; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 243 files
indoushka 150 files
Jay Turla 150 files
Ubuntu 63 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
Gentoo 33 files
H D Moore 31 files
Debian 29 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,114)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,006)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,685)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,797)
UNIX (9,443)
UnixWare (187)
Windows (6,757)
Other

CVE-2019-9812

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems