{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T21:07:22.092","vulnerabilities":[{"cve":{"id":"CVE-2019-9796","sourceIdentifier":"security@mozilla.org","published":"2019-04-26T17:29:02.477","lastModified":"2025-11-25T17:50:16.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66."},{"lang":"es","value":"Una vulnerabilidad de uso después de liberación de memoria puede darse cuando el controlador de animación SMIL registra incorrectamente con el controlador de actualización dos veces cuando sólo se espera un único registro. Cuando se libera un registro con la eliminación del elemento de controlador de animación, el controlador de actualización deja incorrectamente un puntero pendiente en la matriz de observadores del controlador. Esta vulnerabilidad afecta a Thunderbird, versiones anteriores a 60.6, Firefox ESR, versiones anteriores a 60.6 y Firefox. versiones anteriores a 66."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"60.6.0","matchCriteriaId":"0EBDA447-2B6B-484B-A50E-998729000755"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"66.0","matchCriteriaId":"DF5B7642-9E9D-4578-9120-B95A6B198177"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"60.6.0","matchCriteriaId":"87CE431A-9E72-4288-ADA2-7A8E69A5AB6C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2019:0966","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1144","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1531277","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-07/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-08/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-11/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0966","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:1144","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1531277","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-07/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-08/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-11/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}