{"containers": {"cna": {"affected": [{"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "60.7.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "67.0.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "60.7.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2."}], "problemTypes": [{"descriptions": [{"description": "sandbox escape using Prompt:Open", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-09T17:06:05", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-19/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-20/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"}, {"name": "GLSA-201908-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201908-12"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2019-11708", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "60.7.2"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "67.0.4"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "60.7.2"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "sandbox escape using Prompt:Open"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2019-19/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-19/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2019-20/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-20/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"}, {"name": "GLSA-201908-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-12"}, {"name": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:03:32.629Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-19/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-20/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"}, {"name": "GLSA-201908-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201908-12"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-11708", "datePublished": "2019-07-23T13:20:03", "dateReserved": "2019-05-03T00:00:00", "dateUpdated": "2024-08-04T23:03:32.629Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-06-13", "cisaExploitAdd": "2022-05-23", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCF2E157-C3DC-4A07-890F-68A9A2F65698", "versionEndExcluding": "67.0.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "87301197-9B8D-4715-825F-7299AE41CE53", "versionEndExcluding": "60.7.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1B4E516-92BD-48AC-9D6E-175FF71A2E4A", "versionEndExcluding": "60.7.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2."}, {"lang": "es", "value": "Una revisi\u00f3n insuficiente de los par\u00e1metros pasados ??con el mensaje IPC de Prompt:Open, entre procesos hijo y padre puede resultar que el proceso padre fuera del Sandbox abra el contenido web elegido por un proceso hijo comprometido. Cuando se combina con vulnerabilidades adicionales, esto podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el ordenador del usuario. Esta vulnerabilidad afecta a Firefox ESR anterior a versi\u00f3n 60.7.2, Firefox anterior a versi\u00f3n 67.0.4 y Thunderbird anterior a versi\u00f3n 60.7.2."}], "id": "CVE-2019-11708", "lastModified": "2024-11-21T04:21:38.190", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "[email protected]", "type": "Primary"}]}, "published": "2019-07-23T14:15:15.327", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html"}, {"source": "[email protected]", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201908-12"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-19/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-20/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155592/Mozilla-Firefox-Windows-64-Bit-Chain-Exploit.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201908-12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-19/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-20/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "[email protected]", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Coinbase Security as the original reporter.", "affected_release": [{"advisory": "RHSA-2019:1604", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:60.7.2-1.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2019-06-25T00:00:00Z"}, {"advisory": "RHSA-2019:1624", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:60.7.2-2.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2019-06-27T00:00:00Z"}, {"advisory": "RHSA-2019:1603", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:60.7.2-1.el7_6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-06-25T00:00:00Z"}, {"advisory": "RHSA-2019:1626", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:60.7.2-2.el7_6", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-06-27T00:00:00Z"}, {"advisory": "RHSA-2019:1623", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:60.7.2-2.el8_0", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-06-27T00:00:00Z"}, {"advisory": "RHSA-2019:1696", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:60.7.2-3.el8_0", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-07-08T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Sandbox escape using Prompt:Open", "id": "1722673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722673"}, "csaw": false, "cvss3": {"cvss3_base_score": "10.0", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-270", "details": ["Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2."], "name": "CVE-2019-11708", "public_date": "2019-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-11708\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11708\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2019-19/#CVE-2019-11708\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "In general, this flaw cannot be exploited through email in Thunderbird because scripting is disabled when reading mail.", "threat_severity": "Important"}