Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2020-01-08 22:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-17017
Mitre link : CVE-2019-17017
CVE.ORG link : CVE-2019-17017
JSON object : View
Products Affected
debian
- debian_linux
redhat
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_workstation
mozilla
- firefox_esr
- firefox
canonical
- ubuntu_linux
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')