CVE-2019-11730

MEDIUM

Firefox - Info Disclosure

Title source: llm

Description

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Exploits (2)

nomisec WORKING POC

by lihuaiqiu · poc

https://github.com/lihuaiqiu/CVE-2019-11730

View Code ZIP pw:eip

inthewild

poc

https://github.com/alidnf/cve-2019-11730

View on inthewild

References (13)

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html

[Issue Tracking, Permissions Required] https://bugzilla.mozilla.org/show_bug.cgi?id=1558299

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2019/08/msg00001.html

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html

[Third Party Advisory] https://security.gentoo.org/glsa/201908-12

[Third Party Advisory] https://security.gentoo.org/glsa/201908-20

[Vendor Advisory] https://www.mozilla.org/security/advisories/mfsa2019-21/

[Vendor Advisory] https://www.mozilla.org/security/advisories/mfsa2019-22/

[Vendor Advisory] https://www.mozilla.org/security/advisories/mfsa2019-23/

Scores

CVSS v3 6.5

EPSS 0.1971

EPSS Percentile 95.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

Status published

Products (7)

debian/debian_linux 8.0

mozilla/firefox < 68.0

mozilla/firefox_esr < 60.8

mozilla/thunderbird < 60.8

opensuse/leap 15.0

opensuse/leap 15.1

suse/package_hub

Published Jul 23, 2019

Tracked Since Feb 18, 2026