{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T03:47:45.333","vulnerabilities":[{"cve":{"id":"CVE-2019-11751","sourceIdentifier":"security@mozilla.org","published":"2019-09-27T18:15:13.303","lastModified":"2026-06-17T02:13:34.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1."},{"lang":"es","value":"Los parámetros de línea de comando relacionados con el Inicio de Sesión no son saneados apropiadamente cuando Firefox es iniciado por otro programa, tal y como cuando un usuario hace clic en enlaces maliciosos en una aplicación de chat. Esto puede ser usado para escribir un archivo de registro en una ubicación arbitraria, como en la carpeta \"Startup\" de Windows. <br>*Nota: este problema solo afecta a Firefox en los sistemas operativos Windows. *. Esta vulnerabilidad afecta a Firefox versiones anteriores a 69 y Firefox ESR versiones anteriores a 68.1."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox","versions":[{"version":"unspecified","lessThan":"69","versionType":"custom","status":"affected"}]},{"vendor":"Mozilla","product":"Firefox ESR","versions":[{"version":"unspecified","lessThan":"68.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"69.0","matchCriteriaId":"299AA921-46BD-4E9F-8D74-F304F44C6EB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"68.1.0","matchCriteriaId":"D2105669-4D8A-43BB-8E5D-4398F6444FE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","source":"security@mozilla.org"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","source":"security@mozilla.org"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1572838","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1572838","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}