First published: Tue May 21 2019(Updated: )
Mozilla developers and community members Christian Holler, Andrei Ciure, Julien Cristau, Jan de Mooij, Jan Varga, Marcia Knous, André Bargull, and Philipp reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Credit: security@mozilla.org security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | <67 | 67 |
Mozilla Firefox | <67.0 | |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0+ | 67.0+ |
ubuntu/firefox | <67.0 | 67.0 |
ubuntu/firefox | <67.0+ | 67.0+ |
debian/firefox | 125.0.3-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2019-9814 is a memory safety vulnerability present in Firefox 66 that can lead to memory corruption with enough effort.
CVE-2019-9814 has a severity rating of critical with a CVSS score of 9.0.
Firefox versions up to and excluding 67.0 are affected by CVE-2019-9814.
To fix CVE-2019-9814, upgrade your Firefox browser to version 67.0 or higher.
More information about CVE-2019-9814 can be found at the following references: [Bugzilla](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1527592%2C1534536%2C1520132%2C1543159%2C1539393%2C1459932%2C1459182%2C1516425), [Mozilla Security Advisories](https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/)