CVE-2019-9789

{"id": "CVE-2019-9789", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-04-26T17:29:01.290", "references": [{"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1520483%2C1522987%2C1528199%2C1519337%2C1525549%2C1516179%2C1518524%2C1518331%2C1526579%2C1512567%2C1524335%2C1448505%2C1518821", "tags": ["Broken Link", "Issue Tracking", "Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2019-07/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1520483%2C1522987%2C1528199%2C1519337%2C1525549%2C1516179%2C1518524%2C1518331%2C1526579%2C1512567%2C1524335%2C1448505%2C1518821", "tags": ["Broken Link", "Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2019-07/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 66."}, {"lang": "es", "value": "Los desarrolladores y miembros de la comunidad de Mozilla detectaron errores de seguridad de memoria en Firefox versi\u00f3n 65. Algunos de estos errores mostraron evidencia de corrupci\u00f3n en la memoria y suponemos que con suficiente esfuerzo que algunos de estos podr\u00edan ser explotados para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox versi\u00f3n anterior a 66."}], "lastModified": "2024-11-21T04:52:18.760", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF5B7642-9E9D-4578-9120-B95A6B198177", "versionEndExcluding": "66.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}