CVE-2019-9814
First published: Tue May 21 2019(Updated: )
Mozilla developers and community members Christian Holler, Andrei Ciure, Julien Cristau, Jan de Mooij, Jan Varga, Marcia Knous, André Bargull, and Philipp reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <67 | 67 |
| Mozilla Firefox | <67.0 | |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0+ | 67.0+ |
| ubuntu/firefox | <67.0 | 67.0 |
| ubuntu/firefox | <67.0+ | 67.0+ |
| debian/firefox | 125.0.3-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1527592%2C1534536%2C1520132%2C1543159%2C1539393%2C1459932%2C1459182%2C1516425
- https://www.mozilla.org/security/advisories/mfsa2019-13/
- https://launchpad.net/bugs/cve/CVE-2019-9814
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11693
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9814
- https://security-tracker.debian.org/tracker/CVE-2019-9814
- https://ubuntu.com/security/notices/USN-3991-1
- https://www.cve.org/CVERecord?id=CVE-2019-9814
- https://nvd.nist.gov/vuln/detail/CVE-2019-9814
- https://ubuntu.com/security/CVE-2019-9814
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is CVE-2019-9814?
CVE-2019-9814 is a memory safety vulnerability present in Firefox 66 that can lead to memory corruption with enough effort.
How severe is CVE-2019-9814?
CVE-2019-9814 has a severity rating of critical with a CVSS score of 9.0.
Which software versions are affected by CVE-2019-9814?
Firefox versions up to and excluding 67.0 are affected by CVE-2019-9814.
How can I fix CVE-2019-9814?
To fix CVE-2019-9814, upgrade your Firefox browser to version 67.0 or higher.
Where can I find more information about CVE-2019-9814?
More information about CVE-2019-9814 can be found at the following references: [Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1527592%2C1534536%2C1520132%2C1543159%2C1539393%2C1459932%2C1459182%2C1516425), [Mozilla Security Advisories](https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/)
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/weakness
- agent/event
- agent/description
- collector/mozilla-advisory
- agent/software-canonical-lookup-request
- agent/references
- agent/tags
- source/Mozilla
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/mozilla
- canonical/mozilla firefox
- package-manager/debian
- package-manager/ubuntu