Security News > 2019 > June > Mozilla plugs critical Firefox zero-day used in targeted attacks
2019-06-19 09:46
A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability (CVE-2019-11707) Mozilla did not share many details about the flaw – it simply stated that it is a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, and that it can trigger an exploitable crash. The flaw can be exploited to achieve arbitrary code … More → The post Mozilla plugs critical Firefox zero-day used in targeted attacks appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/_VylJnVKexI/
Related news
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- Mozilla patches critical Firefox vuln that attackers are already exploiting (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-11707 | Type Confusion vulnerability in Mozilla Thunderbird A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. | 8.8 |