← back
CVE-2019-9811

CVE-2019-9811

EPSS 2.6%
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Affected products
Mozilla · FirefoxMozilla · Firefox ESRMozilla · Thunderbird

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1538007https://bugzilla.mozilla.org/show_bug.cgi?id=1539598https://bugzilla.mozilla.org/show_bug.cgi?id=1563327https://lists.debian.org/debian-lts-announce/2019/08/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2019/08/msg00002.htmlhttps://security.gentoo.org/glsa/201908-12https://security.gentoo.org/glsa/201908-20