Information disclosure in Mozilla Firefox - CVE-2019-17018
Published: January 7, 2020 / Updated: January 8, 2020
Vulnerability identifier: #VU24056
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-17018
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Mozilla
Affected software:
Mozilla Firefox
Mozilla Firefox
Detailed vulnerability description
The vulnerability allows a local user to gain access to potentially sensitive information.
When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. As a result, a local user can gain access to data, used during Private Browsing Mode.
How to mitigate CVE-2019-17018
Install updates from vendor's website.