CVE-2019-9807: Input Validation

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1362050
• https://www.mozilla.org/security/advisories/mfsa2019-07/
• https://launchpad.net/bugs/cve/CVE-2019-9807
• https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/
• https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9788
• https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9807
• https://security-tracker.debian.org/tracker/CVE-2019-9807
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9807
• https://nvd.nist.gov/vuln/detail/CVE-2019-9807
• https://ubuntu.com/security/CVE-2019-9807

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2019-07

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2019-9790
• CVE-2019-9791
• CVE-2019-9792
• CVE-2019-9793
• CVE-2019-9794
• CVE-2019-9795
• CVE-2019-9796
• CVE-2019-9797
• CVE-2019-9798
• CVE-2019-9799
• CVE-2019-9801
• CVE-2019-9802
• CVE-2019-9803
• CVE-2019-9804
• CVE-2019-9805
• CVE-2019-9806
• CVE-2019-9807
• CVE-2019-9809
• CVE-2019-9808
• CVE-2019-9789
• CVE-2019-9788

Frequently Asked Questions

• What is the vulnerability ID of this vulnerability?

  The vulnerability ID is CVE-2019-9807.

• What is the severity level of CVE-2019-9807?

  CVE-2019-9807 has a severity level of medium (4.3).

• How does CVE-2019-9807 affect Firefox?

  CVE-2019-9807 affects Firefox versions prior to 66.

• What can an attacker potentially do with CVE-2019-9807?

  An attacker could potentially use CVE-2019-9807 for social engineering attacks by creating a modal alert message with arbitrary text.

• Are there any remediation steps available for CVE-2019-9807?

  Yes, upgrading to Firefox version 66 or later will fix the vulnerability.