Oval Definition:oval:com.ubuntu.bionic:def:20199802000
Revision Date:2019-04-26Version:1
Title:CVE-2019-9802 on Ubuntu 18.04 LTS (bionic) - medium.
Description:If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-9802
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • The 'firefox' package in bionic was vulnerable but has been fixed (note: '66.0+build3-0ubuntu0.18.04.1').
  • OR The vulnerability of the 'mozjs38' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.
  • OR The vulnerability of the 'mozjs52' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.
  • BACK