[MFSA-2019-09] Security vulnerabilities fixed in Firefox 66.0.1

Severity Critical
Affected Packages 1
Fixed Packages 1
CVEs 2
  • CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information (critical)
    Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.

  • CVE-2019-9813: Ionmonkey type confusion with proto mutations (critical)
    Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.

Package Affected Version
pkg:mozilla/Firefox < 66.0.1
Package Fixed Version
pkg:mozilla/Firefox = 66.0.1
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:mozilla/Firefox Firefox < 66.0.1
Fixed pkg:mozilla/Firefox Firefox = 66.0.1
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...