Security News > 2019 > June > Firefox 67.0.4 Released — Mozilla Patches Second 0-Day Flaw This Week

Firefox 67.0.4 Released — Mozilla Patches Second 0-Day Flaw This Week
2019-06-21 09:18

Okay, folks, it's time to update your Firefox web browser once again—yes, for the second time this week. After patching a critical actively-exploited vulnerability in Firefox 67.0.3 earlier this week, Mozilla is now warning millions of its users about a second zero-day vulnerability that attackers have been found exploiting in the wild. The newly patched issue (CVE-2019-11708) is a "sandbox


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/AGtkT7rycFo/firefox-0day-vulnerability.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-07-23 CVE-2019-11708 Improper Input Validation vulnerability in Mozilla Firefox ESR
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process.
network
low complexity
mozilla CWE-20
critical
10.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mozilla 29 13 631 583 266 1493