Main Vulnerability Database Vulnerabilities #VU18044

Resource management error in Mozilla Firefox - CVE-2019-9806

Published: March 21, 2019

Vulnerability identifier: #VU18044

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-9806

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Mozilla

Affected software:
Mozilla Firefox

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to browser does not limit the number of authorization prompts for FTP transactions, displaying unlimited number of modal prompts that cannot be dismissed. A remote attacker can trick the victim to connect to a malicious crafted FTP server and perform denial of service attack against the browser.

How to mitigate CVE-2019-9806

Install updates from vendor's website.

Sources

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/
https://bugzilla.mozilla.org/show_bug.cgi?id=1525267

Resource management error in Mozilla Firefox - CVE-2019-9806

Detailed vulnerability description

How to mitigate CVE-2019-9806

Sources

Please verify you're human