CVE-2019-9797 - OpenCVE

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Firefox

Configuration 1 [-]

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html
https://access.redhat.com/errata/RHSA-2019:1265
https://access.redhat.com/errata/RHSA-2019:1267
https://access.redhat.com/errata/RHSA-2019:1269
https://access.redhat.com/errata/RHSA-2019:1308
https://access.redhat.com/errata/RHSA-2019:1309
https://access.redhat.com/errata/RHSA-2019:1310
https://bugzilla.mozilla.org/show_bug.cgi?id=1528909	Issue Tracking Permissions Required Vendor Advisory
https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html
https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html
https://seclists.org/bugtraq/2019/May/56
https://seclists.org/bugtraq/2019/May/59
https://seclists.org/bugtraq/2019/May/67
https://usn.ubuntu.com/3997-1/
https://www.debian.org/security/2019/dsa-4448
https://www.debian.org/security/2019/dsa-4451
https://www.mozilla.org/security/advisories/mfsa2019-07/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2019-04-26T16:13:22

Updated: 2019-06-28T14:06:06

Reserved: 2019-03-14T00:00:00

Link: CVE-2019-9797

JSON object: View

NVD Information

Status : Modified

Published: 2019-04-26T17:29:02.680

Modified: 2019-06-10T15:29:03.260

Link: CVE-2019-9797

JSON object: View

Redhat Information

No data.

CWE

CWE-346

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "66", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66."}], "problemTypes": [{"descriptions": [{"description": "Cross-origin theft of images with createImageBitmap", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-06-28T14:06:06", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528909"}, {"name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/56"}, {"name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/59"}, {"name": "DSA-4448", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4448"}, {"name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"name": "RHSA-2019:1265", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"name": "RHSA-2019:1267", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"name": "RHSA-2019:1269", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"name": "DSA-4451", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4451"}, {"name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/May/67"}, {"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"name": "USN-3997-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3997-1/"}, {"name": "openSUSE-SU-2019:1484", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"name": "RHSA-2019:1310", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"name": "RHSA-2019:1308", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"name": "RHSA-2019:1309", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"name": "openSUSE-SU-2019:1534", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"name": "openSUSE-SU-2019:1664", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2019-9797", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "66"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-origin theft of images with createImageBitmap"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2019-07/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528909", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528909"}, {"name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/56"}, {"name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/59"}, {"name": "DSA-4448", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4448"}, {"name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"name": "RHSA-2019:1265", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"name": "RHSA-2019:1267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"name": "RHSA-2019:1269", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"name": "DSA-4451", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4451"}, {"name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/67"}, {"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"name": "USN-3997-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3997-1/"}, {"name": "openSUSE-SU-2019:1484", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"name": "RHSA-2019:1310", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"name": "RHSA-2019:1308", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"name": "RHSA-2019:1309", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"name": "openSUSE-SU-2019:1534", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"name": "openSUSE-SU-2019:1664", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2019-9797", "datePublished": "2019-04-26T16:13:22", "dateReserved": "2019-03-14T00:00:00", "dateUpdated": "2019-06-28T14:06:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF5B7642-9E9D-4578-9120-B95A6B198177", "versionEndExcluding": "66.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66."}, {"lang": "es", "value": "Las im\u00e1genes de origen cruzado se pueden leer infringiendo la pol\u00edtica del mismo origen al exportar una imagen despu\u00e9s de utilizar createImageBitmap para leer la imagen y luego renderizar la imagen de mapa de bits resultante dentro de un elemento canvas. Esta vulnerabilidad afecta a Firefox, versiones anteriores a 66."}], "id": "CVE-2019-9797", "lastModified": "2019-06-10T15:29:03.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-26T17:29:02.680", "references": [{"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1265"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1267"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1269"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1308"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1309"}, {"source": "security@mozilla.org", "url": "https://access.redhat.com/errata/RHSA-2019:1310"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528909"}, {"source": "security@mozilla.org", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"}, {"source": "security@mozilla.org", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/56"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/59"}, {"source": "security@mozilla.org", "url": "https://seclists.org/bugtraq/2019/May/67"}, {"source": "security@mozilla.org", "url": "https://usn.ubuntu.com/3997-1/"}, {"source": "security@mozilla.org", "url": "https://www.debian.org/security/2019/dsa-4448"}, {"source": "security@mozilla.org", "url": "https://www.debian.org/security/2019/dsa-4451"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2019-07/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-346"}], "source": "nvd@nist.gov", "type": "Primary"}]}