CVE-2019-9798

HIGH Year: 2019
CVSS v3 Score
7.4
High
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-426
View all →

Vulnerability Description

On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.

Related Vulnerabilities

CVE-2019-4606

HIGH
CVSS:7.4(High)

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable f...

CWE-4262019

CVE-2025-21399

HIGH
CVSS:7.4(High)

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

CWE-4262025

CVE-2016-10837

HIGH
CVSS:7.5(High)

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).

CWE-4262016

CVE-2018-10959

HIGH
CVSS:7.5(High)

Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's ...

CWE-4262018

CVE-2018-6661

HIGH
CVSS:7.5(High)

DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.

CWE-4262018

CVE-2018-6700

HIGH
CVSS:7.5(High)

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.

CWE-4262018