CVE-2019-9805
Published 2019-04-26
CVE-2019-9805: A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption…
Priority: P338 · critical · 9.8 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.21% (64.7th percentile)
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 66.0-1 (sid) | firefox 66.0-1 (sid) |
| mozilla | firefox | < 66.0 | 66.0 |
| mozilla | firefox | >= 0 < 66.0.2+build1-0ubuntu0.14.04.1 | 66.0.2+build1-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 66.0.3+build1-0ubuntu0.14.04.1 | 66.0.3+build1-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 66.0.1+build1-0ubuntu0.14.04.1 | 66.0.1+build1-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 66.0.2+build1-0ubuntu0.16.04.1 | 66.0.2+build1-0ubuntu0.16.04.1 |
| mozilla | firefox | >= 0 < 66.0.3+build1-0ubuntu0.16.04.1 | 66.0.3+build1-0ubuntu0.16.04.1 |
| mozilla | firefox | >= 0 < 66.0+build3-0ubuntu0.16.04.2 | 66.0+build3-0ubuntu0.16.04.2 |
| mozilla | firefox | >= 0 < 66.0.2+build1-0ubuntu0.18.04.1 | 66.0.2+build1-0ubuntu0.18.04.1 |
| mozilla | firefox | >= 0 < 66.0.3+build1-0ubuntu0.18.04.1 | 66.0.3+build1-0ubuntu0.18.04.1 |
| mozilla | firefox | >= 0 < 66.0+build3-0ubuntu0.18.04.1 | 66.0+build3-0ubuntu0.18.04.1 |
| mozilla | firefox | >= unspecified < 66 | 66 |
CVSS provenance
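| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 9.8 | CRITICAL | |
| vendor_debian | | 9.8 | CRITICAL | |
| vendor_ubuntu | | 9.8 | CRITICAL | |
| vendor_redhat | | 8.1 | HIGH | |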
GHSA
ghsa_unreviewed·2022-05-24
CVE-2019-9805 [CRITICAL] CWE-908 GHSA-fqhq-pc8v-8xch: A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory cor
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.
OSV
firefox regressions
osv·2019-04-16·CVSS 9.8
[CRITICAL] firefox regressions
USN-3918-1 fixed vulnerabilities in Firefox. The update caused web
compatibility and performance issues with some websites. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9
OSV
firefox regression
osv·2019-03-28·CVSS 9.8
[CRITICAL] firefox regression
USN-3918-1 fixed vulnerabilities in Firefox. The update caused web
compatibility issues with some websites. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797,
CVE-2019-979
OSV
firefox vulnerabilities
osv·2019-03-25·CVSS 9.8
[CRITICAL] firefox vulnerabilities
USN-3918-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Ubuntu 14.04 LTS.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797,
CVE-2019-9799, CVE-2019-9802, CVE-2019-9805, CVE-2019-9806, CVE-2019-
OSV
firefox vulnerabilities
osv·2019-03-21·CVSS 9.8
CVE-2019-9788 [CRITICAL] firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797,
CVE-2019-9799, CVE-2019-9802, CVE-2019-9805, CVE-2019-9806, CVE-2019-9807,
CVE-2019-9808, CVE-2019-9809)
A mechanism was discovered that removes some bounds checking for string,
array, or typed array accesses if
OSV
osv·2019-03-20·CVSS 9.8
CVE-2019-9805 [CRITICAL] CVE-2019-9805: A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory cor
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.
Ubuntu
Firefox regressions
vendor_ubuntu·2019-04-16·CVSS 9.8
[CRITICAL] Firefox regressions
Title: Firefox regressions
Summary: USN-3918-1 caused a regression in Firefox.
USN-3918-1 fixed vulnerabilities in Firefox. The update caused web
compatibility and performance issues with some websites. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9
Ubuntu
Firefox regression
vendor_ubuntu·2019-03-28·CVSS 9.8
[CRITICAL] Firefox regression
Title: Firefox regression
Summary: USN-3918-1 caused a regression in Firefox.
USN-3918-1 fixed vulnerabilities in Firefox. The update caused web
compatibility issues with some websites. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-979
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2019-03-25·CVSS 9.8
CVE-2019-9788 [CRITICAL] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Several security issues were fixed in Firefox.
USN-3918-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Ubuntu 14.04 LTS.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797,
CVE-2
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2019-03-21·CVSS 9.8
CVE-2019-9788 [CRITICAL] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Several security issues were fixed in Firefox.
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, denial of service via successive FTP authorization prompts or modal
alerts, trick the user with confusing permission request prompts, obtain
sensitive information, conduct social engineering attacks, or execute
arbitrary code. (CVE-2019-9788, CVE-2019-9789, CVE-2019-9790,
CVE-2019-9791, CVE-2019-9792, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797,
CVE-2019-9799, CVE-2019-9802, CVE-2019-9805, CVE-2019-9806, CVE-2019-9807,
CVE-2019-9808, CVE-2019-9809)
A mechanism was discovered that removes so
Debian
vendor_debian·2019·CVSS 9.8
CVE-2019-9805 [CRITICAL] CVE-2019-9805: firefox - A latent vulnerability exists in the Prio library where data may be read from un...
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.
Scope: local
sid: resolved (fixed in 66.0-1)
Red Hat
struts: RCE attack via REST plugin with XStream handler to deserialise XML requests
vendor_redhat·2017-09-05·CVSS 8.1
CVE-2017-9805 [HIGH] CWE-20 struts: RCE attack via REST plugin with XStream handler to deserialise XML requests
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
The REST Plugin in Apache Struts2 is using a XStreamHandler with an instance of XStream for deserialization without any type filtering which could lead to Remote Code Execution when deserializing XML payloads. An attacker could use this flaw to execute arbitrary code or conduct further attacks.
Statement: A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not included in any Red Hat products. T
Suricata
ET EXPLOIT Apache Struts 2 REST Plugin Vulnerability (CVE-2017-9805)
suricata·2019-06-26·CVSS 8.1
CVE-2017-9805 [HIGH] ET EXPLOIT Apache Struts 2 REST Plugin Vulnerability (CVE-2017-9805)
Rule: alert http any any -> $HOME_NET any (msg:"ET EXPLOIT Apache Struts 2 REST Plugin Vulnerability (CVE-2017-9805)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/struts2"; http.content_type; content:"|25 7b 28 23|"; isdataat:500,relative; content:"cmd.exe"; fast_pattern; content:"@java.lang.System@getProperty(|27|os.name|27|)"; reference:cve,2017-9805; reference:url,forums.juniper.net/t5/Threat-Research/Anatomy-of-the-Bulehero-Cryptomining-Botnet/ba-p/458787; classtype:attempted-user; sid:2027516; rev:3; metadata:affected_product Apache_Struts2, attack_target Client_Endpoint, created_at 2019_06_26, cve CVE_2017_9805, deployment Perimeter, performance_impact Moderate, signature_severity Ma
No public exploits indexed.
CWE
Use of Uninitialized Resource
mitre_cwe
CWE-908 Use of Uninitialized Resource
CWE-908: Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
When a resource has not been properly initialized, the product may behave unexpectedly. This may lead to a crash or invalid memory access, but the consequences vary depending on the type of resource and how it is used within the product.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Confidentiality. Impact: Read Memory, Read Application Data. When reusing a resource such as memory or a program variable, the original contents of that resource may not be cleared before it is sent to an untrusted party.
Scope: Availability. Impact: DoS: Crash, Exit, or Restart. The uninitialized resource may contain values that cause program flow to change in ways that t
CWE
Incorrect Behavior Order
mitre_cwe
CWE-696 Incorrect Behavior Order
CWE-696: Incorrect Behavior Order
The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways that may produce resultant weaknesses.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Common Consequences:
Scope: Integrity. Impact: Alter Execution Logic.
Examples:
The following code attempts to validate a given input path by checking it against an allowlist and then return the canonical path. In this specific case, the path is considered valid if it starts with the string "/safe_dir/".
The problem with the above code is that the validation step occurs before canonicalization occurs. An attacker could provide an input path of "/safe_dir/../" that would pass the validation step. However, the canonicalization process
CWE
Insufficient Control Flow Management
mitre_cwe·CVSS 9.8
[CRITICAL] CWE-691 Insufficient Control Flow Management
CWE-691: Insufficient Control Flow Management
The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Common Consequences:
Scope: Other. Impact: Alter Execution Logic.
Examples:
The following function attempts to acquire a lock in order to perform operations on a shared resource.
However, the code does not check the value returned by pthread_mutex_lock() for errors. If pthread_mutex_lock() cannot acquire the mutex for any reason, the function may introduce a race condition into the program and result in undefined behavior.
In order to avoid data races, correctly written programs must check the result of thread syn