CVE-2019-11759 - log back

CVE-2019-11759 edited at 26 Oct 2019 21:27:10
Description
- A stack-based buffer overflow has been found in the HKDF output of Firefox before 70.0 and Thunderbird before 68.2. An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack
+ A stack-based buffer overflow has been found in the HKDF output of Firefox before 70.0 and Thunderbird before 68.2. An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack.
CVE-2019-11759 edited at 26 Oct 2019 21:27:03
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ A stack-based buffer overflow has been found in the HKDF output of Firefox before 70.0 and Thunderbird before 68.2. An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11759
+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11759
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1577953
Notes
CVE-2019-11759 created at 26 Oct 2019 17:45:26