CVE-2019-11758
N/A
N/A
Summary
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | before 69 | affected |
| Mozilla | Thunderbird | before 68.2 | affected |
| Mozilla | Firefox ESR | before 68.2 | affected |
Weaknesses
- Potentially exploitable crash due to 360 Total Security
ADP Enrichment
CVE Program Container
Additional References
- https://www.mozilla.org/security/advisories/mfsa2019-25/
- https://www.mozilla.org/security/advisories/mfsa2019-35/
- https://www.mozilla.org/security/advisories/mfsa2019-33/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1536227
- https://usn.ubuntu.com/4335-1/
References
- https://www.mozilla.org/security/advisories/mfsa2019-25/
- https://www.mozilla.org/security/advisories/mfsa2019-35/
- https://www.mozilla.org/security/advisories/mfsa2019-33/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1536227
- https://usn.ubuntu.com/4335-1/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.