CVE-2019-9802

MEDIUM

Description

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1415508

https://www.mozilla.org/security/advisories/mfsa2019-07/

Details

Source: MITRE

Published: 2019-04-26

Updated: 2019-05-01

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
124114Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Firefox regressions (USN-3918-4)NessusUbuntu Local Security Checks
high
700487Mozilla Firefox < 66.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
123502Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Firefox regression (USN-3918-3)NessusUbuntu Local Security Checks
high
123127Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-3918-2)NessusUbuntu Local Security Checks
high
123078Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : Firefox vulnerabilities (USN-3918-1)NessusUbuntu Local Security Checks
high
122959FreeBSD : mozilla -- multiple vulnerabilities (05da6b56-3e66-4306-9ea3-89fafe939726)NessusFreeBSD Local Security Checks
high
122948Mozilla Firefox < 66.0NessusWindows
high
122947Mozilla Firefox < 66.0NessusMacOS X Local Security Checks
high