CVE-2019-17005 Vulnerability Details

  /     /     /  

CVE-2019-17005 Metadata Quick Info

CVE Published: 08/01/2020 | CVE Updated: 05/08/2024 | CVE Year: 2019
Source: mozilla | Vendor: Mozilla | Product: Thunderbird
Status : PUBLISHED

CVE-2019-17005 Description

The plain text serializer used a fixed-size array for the number of
    elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

    Metrics

    CVSS Version: 3.1 | Base Score: n/a
    Vector: n/a

    l➤ Exploitability Metrics:
        Attack Vector (AV)*
        Attack Complexity (AC)*
        Privileges Required (PR)*
        User Interaction (UI)*
        Scope (S)*

    l➤ Impact Metrics:
        Confidentiality Impact (C)*
        Integrity Impact (I)*
        Availability Impact (A)*

    Weakness Enumeration (CWE)

    CWE-ID:
    CWE Name: Buffer overflow in plain text serializer
    Source: Mozilla

    Common Attack Pattern Enumeration and Classification (CAPEC)

    CAPEC-ID:
    CAPEC Description:


    Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2019-17005 Vulnerability Details