Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This
results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69,
Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11752)
- Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape
that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox
Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and
the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability
affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69. (CVE-2019-9812)
- Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR
68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with
enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects
Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
(CVE-2019-11740)
- A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of
SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached
image content. The resulting same-origin policy violation could allow for data theft. This vulnerability
affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
(CVE-2019-11742)
- Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in
some instances for the unload event, which restricts access to detailed timing attributes to only be same-
origin. This resulted in potential cross-origin information exposure of history through timing side-
channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox
ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11743)
Plugin Details
Supported Sensors: Agentless Assessment
Risk Information
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
Exploit Ease: Exploits are available
Vulnerability Publication Date: 9/3/2019