View Issue Details

IDProjectCategoryView StatusLast Update
0005997Kali Linux[All Projects] Tool Upgradepublic2020-01-15 02:49
Reporterentropyworks Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status assignedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0005997: Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1
Descriptiontl;dr, targeted attacks in the wild abusing this flaw upgrade to Firefox ESR 68.4.1

https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/

Announced: January 8, 2020
Impact: critical
Products: Firefox, Firefox ESR
Fixed in:
        Firefox 72.0.1
        Firefox ESR 68.4.1

#CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

Reporter: Qihoo 360 ATA
Impact: critical

Description

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2020-01-15 02:49 entropyworks New Issue
2020-01-15 02:49 entropyworks Status new => assigned
2020-01-15 02:49 entropyworks Assigned To => sbrun