CVE-2019-11710

Description

Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 68.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

1.311

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities fixed in Mozilla Thunderbird (x64) (68.4.2)	Windows
Multiple vulnerabilities fixed in Mozilla Thunderbird (68.4.2)	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox 67.0.4	Windows
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (68.0.1)	Mac
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (68.0.2)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.9.0)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.10.0)	Mac
Multiple vulnerabilities are fixed in Update for Mozilla Thunderbird For Mac (68.2.2)	Mac
Multiple vulnerabilities are fixed in Update for Mozilla Thunderbird For Mac (68.3.0)	Mac
Multiple vulnerabilities are fixed in Update for Mozilla Thunderbird For Mac (68.3.1)	Mac
Multiple vulnerabilities are fixed in Update for Mozilla Thunderbird For Mac (68.4.1)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.4.2)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.5.0)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.6.0)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.7.0)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.8.0)	Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (68.8.1)	Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 67.0.4	Mac
SUSE-SU-2019:2620-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-68.1.0-109.89.1.x86_64.rpm	Linux
SUSE-SU-2019:2620-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-branding-SLE-68-32.8.1.x86_64.rpm	Linux
SUSE-SU-2019:2620-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debuginfo-68.1.0-109.89.1.x86_64.rpm	Linux
SUSE-SU-2019:2620-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debugsource-68.1.0-109.89.1.x86_64.rpm	Linux
SUSE-SU-2019:2620-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-translations-common-68.1.0-109.89.1.x86_64.rpm	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-312673	Mozilla Thunderbird (x64) (68.4.2)
PATCH-312668	Mozilla Thunderbird (68.4.2)
PATCH-343015	Mozilla Firefox (132.0.2)
PATCH-607000	Mozilla Firefox For Mac (124.0)
PATCH-607000	Mozilla Firefox For Mac (124.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353	Mozilla Thunderbird For Mac (128.12.0)
PATCH-611870	Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234