CVE-2019-11710
First published: Tue Jul 09 2019(Updated: )
Mozilla developers and community members André Bargull, Christian Holler, Natalia Csoregi, Raul Gurzau, Daniel Varga, Jon Coppeard, Marcia Knous, Gary Kwong, Randell Jesup, David Bolter, Jeff Gilbert, and Deian Stefan reported memory safety bugs fixed in Firefox 68 and Thunderbird 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <68 | 68 |
| <68 | 68 | |
| Mozilla Firefox | <68.0 | |
| openSUSE Leap | =15.0 | |
| openSUSE Leap | =15.1 | |
| <68 | 68 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180%2C1400563
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-28/
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180
- https://security.gentoo.org/glsa/201908-12
- https://www.mozilla.org/security/advisories/mfsa2019-21/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is CVE-2019-11710?
CVE-2019-11710 is a vulnerability found in Firefox 68 and Thunderbird 68 that allows for memory safety bugs.
Who reported CVE-2019-11710?
Mozilla developers and community members André Bargull, Christian Holler, Natalia Csoregi, Raul Gurzau, Daniel Varga, Jon Coppeard, Marcia Knous, Gary Kwong, Randell Jesup, David Bolter, Jeff Gilbert, and Deian Stefan reported CVE-2019-11710.
What is the severity of CVE-2019-11710?
CVE-2019-11710 has a severity level of critical.
How can I fix CVE-2019-11710?
To fix CVE-2019-11710, update to Firefox 68 or Thunderbird 68.
Are there any references for CVE-2019-11710?
Yes, you can find more information about CVE-2019-11710 at the following references: [Link 1](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180%2C1400563), [Link 2](https://www.mozilla.org/en-US/security/advisories/mfsa2019-28/), [Link 3](https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/).
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/weakness
- agent/author
- agent/references
- agent/severity
- collector/mozilla-advisory
- source/Mozilla
- agent/software-canonical-lookup
- agent/description
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/trending
- vendor/mozilla
- canonical/mozilla thunderbird
- canonical/mozilla firefox
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0
- version/opensuse leap/15.1