CVE-2019-17021 - OpenCVE

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Esr Firefox
Opensuse	Leap

Configuration 1 [-]

AND

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html	Exploit Third Party Advisory VDB Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=1599008	Exploit Issue Tracking Permissions Required
https://seclists.org/bugtraq/2020/Jan/18	Mailing List Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2020-01/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2020-02/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2020-01-08T21:29:40

Updated: 2020-01-22T18:06:16

Reserved: 2019-09-30T00:00:00

Link: CVE-2019-17021

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-08T22:15:12.653

Modified: 2022-01-01T20:02:27.457

Link: CVE-2019-17021

JSON object: View

Redhat Information

No data.

CWE

CWE-362

{"containers": {"cna": {"affected": [{"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "before 68.4"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "before 72"}]}], "descriptions": [{"lang": "en", "value": "During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72."}], "problemTypes": [{"descriptions": [{"description": "Heap address disclosure in parent process during content process initialization on Windows", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-22T18:06:16", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1599008"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-02/"}, {"name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2020/Jan/18"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html"}, {"name": "openSUSE-SU-2020:0060", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"}, {"name": "openSUSE-SU-2020:0094", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2019-17021", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox ESR", "version": {"version_data": [{"version_value": "before 68.4"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_value": "before 72"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap address disclosure in parent process during content process initialization on Windows"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1599008", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1599008"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2020-01/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2020-02/", "refsource": "CONFIRM", "url": "https://www.mozilla.org/security/advisories/mfsa2020-02/"}, {"name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/18"}, {"name": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html"}, {"name": "openSUSE-SU-2020:0060", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"}, {"name": "openSUSE-SU-2020:0094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-17021", "datePublished": "2020-01-08T21:29:40", "dateReserved": "2019-09-30T00:00:00", "dateUpdated": "2020-01-22T18:06:16", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "1398139B-C837-4BF4-8555-5D722B91F646", "versionEndExcluding": "72.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACE15104-6EDD-46EA-9596-28FEB99B563F", "versionEndExcluding": "68.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72."}, {"lang": "es", "value": "Durante la inicializaci\u00f3n de un nuevo proceso de contenido, ocurre una condici\u00f3n de carrera que puede permitir a un proceso de contenido revelar direcciones de la pila del proceso principal. * Nota: este problema solo ocurre en Windows. Otros sistemas operativos no est\u00e1n afectados. *. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a la versi\u00f3n 68.4 y Firefox versiones anteriores a la versi\u00f3n 72."}], "id": "CVE-2019-17021", "lastModified": "2022-01-01T20:02:27.457", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-08T22:15:12.653", "references": [{"source": "security@mozilla.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"}, {"source": "security@mozilla.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1599008"}, {"source": "security@mozilla.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/18"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-02/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}