mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
192 lines
7.3 KiB
JSON
192 lines
7.3 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-17024",
|
|
"ASSIGNER": "security@mozilla.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Mozilla",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Firefox ESR",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "before 68.4"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "Firefox",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "before 72"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507180%2C1595470%2C1598605%2C1601826",
|
|
"refsource": "MISC",
|
|
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507180%2C1595470%2C1598605%2C1601826"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2020-01/",
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2020-02/",
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2020-02/"
|
|
},
|
|
{
|
|
"refsource": "BUGTRAQ",
|
|
"name": "20200109 [SECURITY] [DSA 4600-1] firefox-esr security update",
|
|
"url": "https://seclists.org/bugtraq/2020/Jan/12"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[debian-lts-announce] 20200109 [SECURITY] [DLA 2061-1] firefox-esr security update",
|
|
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00005.html"
|
|
},
|
|
{
|
|
"refsource": "DEBIAN",
|
|
"name": "DSA-4600",
|
|
"url": "https://www.debian.org/security/2020/dsa-4600"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4234-1",
|
|
"url": "https://usn.ubuntu.com/4234-1/"
|
|
},
|
|
{
|
|
"refsource": "BUGTRAQ",
|
|
"name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)",
|
|
"url": "https://seclists.org/bugtraq/2020/Jan/18"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0085",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0085"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0086",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0086"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html",
|
|
"url": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0111",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0111"
|
|
},
|
|
{
|
|
"refsource": "SUSE",
|
|
"name": "openSUSE-SU-2020:0060",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0120",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0120"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0123",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0123"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0127",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0127"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4241-1",
|
|
"url": "https://usn.ubuntu.com/4241-1/"
|
|
},
|
|
{
|
|
"refsource": "DEBIAN",
|
|
"name": "DSA-4603",
|
|
"url": "https://www.debian.org/security/2020/dsa-4603"
|
|
},
|
|
{
|
|
"refsource": "BUGTRAQ",
|
|
"name": "20200120 [SECURITY] [DSA 4603-1] thunderbird security update",
|
|
"url": "https://seclists.org/bugtraq/2020/Jan/26"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update",
|
|
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html"
|
|
},
|
|
{
|
|
"refsource": "SUSE",
|
|
"name": "openSUSE-SU-2020:0094",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0292",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0292"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0295",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0295"
|
|
},
|
|
{
|
|
"refsource": "GENTOO",
|
|
"name": "GLSA-202003-02",
|
|
"url": "https://security.gentoo.org/glsa/202003-02"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4335-1",
|
|
"url": "https://usn.ubuntu.com/4335-1/"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72."
|
|
}
|
|
]
|
|
}
|
|
} |