CVE-2019-11693

EPSS 2.4%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

23 Jul 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

Affected products

Mozilla · Firefox Mozilla · Firefox ESR Mozilla · Thunderbird

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1532525 https://www.mozilla.org/security/advisories/mfsa2019-13/https://www.mozilla.org/security/advisories/mfsa2019-14/https://www.mozilla.org/security/advisories/mfsa2019-15/