OVAL Reference oval:com.ubuntu.cosmic:def:201998020000000

Oval Definition:

oval:com.ubuntu.cosmic:def:201998020000000

Revision Date:	2019-04-26	Version:	1
Title:	CVE-2019-9802 on Ubuntu 18.10 (cosmic) - medium.
Description:	If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2019-9802
Platform(s):	Ubuntu 18.10	Product(s):
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed. AND Package Information firefox package in cosmic was vulnerable but has been fixed (note: '66.0+build3-0ubuntu0.18.10.1'). OR mozjs52: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life'). OR mozjs60: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').