CVE-2019-11758

Public on 2019-12-13

Modified on 2019-12-18

Description

A flaw was found in the 360 Total Security code in Firefox and Thunderbird. Memory corruption is possible in the accessibility engine that could lead to an exploit to run arbitrary code. This vulnerability could be exploited over a network connection and would affect confidentiality and integrity of information as well as availability of the system.

Severity

Important

See what this means

CVSS v3 Base Score

8.8

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 2 - Core	thunderbird	2019-12-13 19:41	ALAS2-2019-1376

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD	CVSSv2	6.8	AV:N/AC:M/Au:N/C:P/I:P/A:P
NVD	CVSSv3	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

Red Hat: CVE-2019-11758 Mitre: CVE-2019-11758 FAQs regarding Amazon Linux ALAS/CVE Severity