CVE-2019-11694 - OpenCVE

A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Esr Firefox Thunderbird

Configuration 1 [-]

AND

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1534196	Issue Tracking Permissions Required Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-13/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-14/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-15/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2019-07-23T13:22:42

Updated: 2019-07-23T13:22:42

Reserved: 2019-05-03T00:00:00

Link: CVE-2019-11694

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-07-23T14:15:14.187

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-11694

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "60.7", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "67", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "60.7", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7."}], "problemTypes": [{"descriptions": [{"description": "Uninitialized memory memory leakage in Windows sandbox", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-23T13:22:42", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-13/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-15/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-14/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1534196"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2019-11694", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "60.7"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "67"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "60.7"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Uninitialized memory memory leakage in Windows sandbox"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2019-13/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-13/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2019-15/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-15/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2019-14/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-14/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1534196", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1534196"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-11694", "datePublished": "2019-07-23T13:22:42", "dateReserved": "2019-05-03T00:00:00", "dateUpdated": "2019-07-23T13:22:42", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "83DEE955-3E09-489F-BE40-2FD33EACF436", "versionEndExcluding": "67.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "1ACF922F-9173-4674-BFDE-542C5B80D410", "versionEndExcluding": "60.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "36C08191-FCDD-423D-997E-50E5ABEC0CDA", "versionEndExcluding": "60.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7."}, {"lang": "es", "value": "Existe una vulnerabilidad en el entorno limitado de Windows sandbox donde un valor no inicializado en la memoria puede filtrarse a un procesador desde un intermediario cuando se realiza una llamada para acceder a un archivo que de otra manera no est\u00e1 disponible. Esto da como resultado la posible p\u00e9rdida de informaci\u00f3n almacenada en esa ubicaci\u00f3n de memoria. * Nota: este problema solo ocurre en Windows. Otros sistemas operativos no se ven afectados. *. Esta vulnerabilidad afecta a Thunderbird anterior a 60.7, Firefox anterior a 67 y Firefox ESR anterior a 60.7."}], "id": "CVE-2019-11694", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-23T14:15:14.187", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1534196"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-13/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-14/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-15/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}, {"lang": "en", "value": "CWE-908"}], "source": "nvd@nist.gov", "type": "Primary"}]}