CVE-2019-11714: Input Validation

Q: What is CVE-2019-11714?

CVE-2019-11714 is a vulnerability in Necko that allows it to access a child on the wrong thread during UDP connections, potentially leading to a crash.

Q: Which software is affected by CVE-2019-11714?

This vulnerability affects Mozilla Firefox versions up to and excluding 68 and Mozilla Thunderbird versions up to and excluding 68.

Q: What is the severity of CVE-2019-11714?

CVE-2019-11714 has a severity rating of 9.8 (Critical).

Q: How can I fix CVE-2019-11714?

To fix CVE-2019-11714, update Mozilla Firefox or Mozilla Thunderbird to version 68 or newer.

Q: Where can I find more information about CVE-2019-11714?

You can find more information about CVE-2019-11714 on the Mozilla Bugzilla and Mozilla Security Advisories websites.

Published Jul 9, 2019

Updated

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances.

Affected Software

3 affected componentsFixes available

Mozilla Thunderbird<68

Mozilla Firefox<68

Mozilla Firefox<68.0

Event History

Jul 9, 2019

CVE Published

12:00 AM

Jul 23, 2019

CVE Published

via MITRE·01:18 PM

Data Sourced

via MITRE·01:18 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2019-11714?

CVE-2019-11714 is a vulnerability in Necko that allows it to access a child on the wrong thread during UDP connections, potentially leading to a crash.

Which software is affected by CVE-2019-11714?

This vulnerability affects Mozilla Firefox versions up to and excluding 68 and Mozilla Thunderbird versions up to and excluding 68.

What is the severity of CVE-2019-11714?