CVE-2019-9818 : A race condition is present in the crash generation server used to generate data

A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

Published 2019-07-23 14:15:17

Updated 2021-07-21 11:39:24

Source Mozilla Corporation

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2019-9818

Mozilla » Firefox
Versions before (<) 67.0
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Mozilla » Thunderbird
Versions before (<) 60.7
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Mozilla » Firefox Esr
Versions before (<) 60.7
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-9818

EPSS FAQ

0.34%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 54 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-9818

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P	4.9	6.4	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.3	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H	1.6	6.0	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-9818

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Assigned by: nvd@nist.gov (Primary)
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-9818

https://www.mozilla.org/security/advisories/mfsa2019-15/

Security vulnerabilities fixed in Thunderbird 60.7 — Mozilla
Vendor Advisory

CVEs referencing this url
https://www.mozilla.org/security/advisories/mfsa2019-13/

Security vulnerabilities fixed in Firefox 67 — Mozilla
Vendor Advisory

CVEs referencing this url
https://www.mozilla.org/security/advisories/mfsa2019-14/

Security vulnerabilities fixed in Firefox ESR 60.7 — Mozilla
Vendor Advisory

CVEs referencing this url
https://bugzilla.mozilla.org/show_bug.cgi?id=1542581

Access Denied
Issue Tracking;Permissions Required

Jump to

Vulnerability Details : CVE-2019-9818

Products affected by CVE-2019-9818

Exploit prediction scoring system (EPSS) score for CVE-2019-9818

CVSS scores for CVE-2019-9818

CWE ids for CVE-2019-9818

References for CVE-2019-9818