[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Information disclosure vulnerability in Firefox 66 - CVE-2019-9802

ID: oval:org.secpod.oval:def:53031Date: (C)2019-03-21   (M)2023-12-20
Class: VULNERABILITYFamily: macos




Mozilla Firefox 66 : If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X 10.13
Apple Mac OS X 10.14
Product:
Mozilla Firefox
Reference:
CVE-2019-9802
CVE    1
CVE-2019-9802
CPE    253
cpe:/a:mozilla:firefox:37.0
cpe:/a:mozilla:firefox:14.0
cpe:/a:mozilla:firefox:-
cpe:/a:mozilla:firefox:20.0.1
...

© SecPod Technologies