Main Vulnerability Database Vulnerabilities #VU18044

#VU18044 Resource management error in Mozilla Firefox - CVE-2019-9806

Published: March 21, 2019

Vulnerability identifier: #VU18044

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-9806

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to browser does not limit the number of authorization prompts for FTP transactions, displaying unlimited number of modal prompts that cannot be dismissed. A remote attacker can trick the victim to connect to a malicious crafted FTP server and perform denial of service attack against the browser.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/
https://bugzilla.mozilla.org/show_bug.cgi?id=1525267

#VU18044 Resource management error in Mozilla Firefox - CVE-2019-9806

Description

Remediation

External links

Please verify you're human