ASA-2019-00387 – Mozilla Firefox and Thunderbird: Sandbox escape using Prompt:Open

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00387

Identifier(s)

ASA-2019-00387, CVE-2019-11708, MFSA2019-19, MFSA2019-20

Title

Sandbox escape using Prompt:Open

Vendor(s)

Mozilla

Product(s)

Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird

Affected version(s)

Mozilla Firefox versions before 67.0.4
Mozilla Firefox ESR versions before 60.7.2
Mozilla Thunderbird versions before 60.7.2

Fixed version(s)

Mozilla Firefox version 67.0.4
Mozilla Firefox ESR version 60.7.2
Mozilla Thunderbird version 60.7.2

Proof of concept

Unknown

Description

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user’s computer.

Technical details

Unknown

Credits

Coinbase Security

Reference(s)

Security vulnerabilities fixed in Firefox 67.0.4 and Firefox ESR 60.7.2
https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/#CVE-2019-11708

Security vulnerabilities fixed in Thunderbird 60.7.2
https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/#CVE-2019-11708

Bug 1559858
https://bugzilla.mozilla.org/show_bug.cgi?id=1559858

CVE-2019-11708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11708

CVE-2019-11708
https://nvd.nist.gov/vuln/detail/CVE-2019-11708

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: July 23, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.