Security News > 2019 > June > Mozilla plugs critical Firefox zero-day used in targeted attacks
2019-06-19 09:46
A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability (CVE-2019-11707) Mozilla did not share many details about the flaw – it simply stated that it is a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, and that it can trigger an exploitable crash. The flaw can be exploited to achieve arbitrary code … More → The post Mozilla plugs critical Firefox zero-day used in targeted attacks appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/_VylJnVKexI/
Related news
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-11707 | Type Confusion vulnerability in Mozilla Thunderbird A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. | 8.8 |