CVE-2019-11750Type Confusion in Mozilla Firefox

CWE-843Type ConfusionCWE-908Use of Uninitialized Resource11 documents7 sources
Severity
6.5MEDIUMNVD
OSV9.8
EPSS
0.4%
top 40.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxMozilla Firefox ESRDebian Firefox+1 more
Timeline
PublishedSep 27
Latest updateMay 24

Description

A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages7 packages

debiandebian/firefox< firefox 69.0-1 (sid)
CVEListV5mozilla/firefoxunspecified69
NVDmozilla/firefox< 69.0
debiandebian/firefox-esr< firefox 69.0-1 (sid)
CVEListV5mozilla/firefox_esrunspecified68.1

🔴Vulnerability Details

4
GHSA
GHSA-hxrv-jv26-w5f4: A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash2022-05-24
OSV
firefox regression2019-10-08
OSV
CVE-2019-11750: A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash2019-09-27
OSV
firefox vulnerabilities2019-09-04

📋Vendor Advisories

4
Ubuntu
Firefox regression2019-10-08
Ubuntu
Firefox vulnerabilities2019-09-04
Red Hat
Mozilla: Type confusion in Spidermonkey2019-09-03
Debian
CVE-2019-11750: firefox - A type confusion vulnerability exists in Spidermonkey, which results in a non-ex...2019

💬Community

2
Bugzilla
CVE-2019-11750 Mozilla: Type confusion in Spidermonkey2019-09-04
Bugzilla
Firefox 69.0 is available2019-09-03