Security News > 2019 > June > Mozilla plugs critical Firefox zero-day used in targeted attacks

Mozilla plugs critical Firefox zero-day used in targeted attacks
2019-06-19 09:46

A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability (CVE-2019-11707) Mozilla did not share many details about the flaw – it simply stated that it is a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, and that it can trigger an exploitable crash. The flaw can be exploited to achieve arbitrary code … More → The post Mozilla plugs critical Firefox zero-day used in targeted attacks appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/_VylJnVKexI/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-07-23 CVE-2019-11707 Type Confusion vulnerability in Mozilla Thunderbird
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop.
network
low complexity
mozilla CWE-843
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mozilla 29 13 631 583 266 1493