CVE-2019-11760 - OpenCVE

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Canonical	Ubuntu Linux
Mozilla	Firefox Esr Firefox Thunderbird

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Configuration 2 [-]

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1577719	Issue Tracking Permissions Required
https://security.gentoo.org/glsa/202003-10	Third Party Advisory
https://usn.ubuntu.com/4335-1/	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2019-33/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-34/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2019-35/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2020-01-08T19:51:19

Updated: 2020-04-29T02:07:06

Reserved: 2019-05-03T00:00:00

Link: CVE-2019-11760

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-08T20:15:12.703

Modified: 2023-02-01T14:13:18.157

Link: CVE-2019-11760

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "before 70"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "before 68.2"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "before 68.2"}]}], "descriptions": [{"lang": "en", "value": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."}], "problemTypes": [{"descriptions": [{"description": "Stack buffer overflow in WebRTC networking", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-29T02:07:06", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719"}, {"name": "GLSA-202003-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202003-10"}, {"name": "USN-4335-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4335-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2019-11760", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_value": "before 70"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_value": "before 68.2"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_value": "before 68.2"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Stack buffer overflow in WebRTC networking"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2019-35/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2019-33/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2019-34/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719"}, {"name": "GLSA-202003-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-10"}, {"name": "USN-4335-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4335-1/"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-11760", "datePublished": "2020-01-08T19:51:19", "dateReserved": "2019-05-03T00:00:00", "dateUpdated": "2020-04-29T02:07:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4EA7BDA-DA95-46FB-8568-E857D3479994", "versionEndExcluding": "70.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "19FED95C-5BAF-4E31-8F60-E51609BA3BDB", "versionEndExcluding": "68.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CE97332-80EC-4CDF-A18C-37CD645A8A12", "versionEndExcluding": "68.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."}, {"lang": "es", "value": "Un b\u00fafer de pila de tama\u00f1o fijo podr\u00eda desbordarse en nrappkit cuando realiza la se\u00f1alizaci\u00f3n de WebRTC. Esto result\u00f3 en un bloqueo explotable potencialmente en algunos casos. Esta vulnerabilidad afecta a Firefox versiones anteriores a la versi\u00f3n 70, Thunderbird versiones anteriores a la versi\u00f3n 68.2 y Firefox ESR versiones anteriores a la versi\u00f3n 68.2."}], "id": "CVE-2019-11760", "lastModified": "2023-02-01T14:13:18.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-08T20:15:12.703", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1577719"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202003-10"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4335-1/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-33/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-34/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-35/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}