Main Vulnerability Database Vulnerabilities #VU24056

#VU24056 Information disclosure in Mozilla Firefox - CVE-2019-17018

Published: January 7, 2020 / Updated: January 8, 2020

Vulnerability identifier: #VU24056

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-17018

CWE-ID: CWE-200

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox

Software vendor:
Mozilla

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. As a result, a local user can gain access to data, used during Private Browsing Mode.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/

#VU24056 Information disclosure in Mozilla Firefox - CVE-2019-17018

Description

Remediation

External links

Please verify you're human