CVE-2019-9811

Source
Severity High
Remote Yes
Type Sandbox escape
Description
A sandbox escape has been found in Firefox before 68.0, by installing a malicious language pack and then opening a browser feature that used the compromised translation.
Group Package Affected Fixed Severity Status Ticket
AVG-1002 firefox 67.0.4-2 68.0-1 Critical Fixed
Date Advisory Group Package Severity Description
17 Jul 2019 ASA-201907-4 AVG-1002 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-9811
https://bugzilla.mozilla.org/show_bug.cgi?id=1538007
https://bugzilla.mozilla.org/show_bug.cgi?id=1539598
https://bugzilla.mozilla.org/show_bug.cgi?id=1539759
https://bugzilla.mozilla.org/show_bug.cgi?id=1523741
https://bugzilla.mozilla.org/show_bug.cgi?id=1563327