exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2019-11707

Status Candidate

Overview

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.

Related Files

Mozilla Firefox 67 Array.pop JIT Type Confusion
Posted Feb 2, 2022
Authored by deadlock

Mozilla Firefox version 67 Array.pop JIT type confusion exploit with sandbox escape.

tags | exploit
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | ea77bcb04a25a270665e987ce8e0f9878c2f6fe16545ba359cd08d31ae8178ab
Gentoo Linux Security Advisory 201908-12
Posted Aug 15, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11707, CVE-2019-11708, CVE-2019-11709, CVE-2019-11710, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11718, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
SHA-256 | 9c1b71d78a94d040a45e2a38d652fada76b7a84a057a50826157ff452c810ac7
Red Hat Security Advisory 2019-1696-01
Posted Jul 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1696-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR. Issues addressed include type confusion and sandbox escape vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | 6868d88de09c5062976837f949eef83757cfd8e7bd5b0903c21f69b9b80981ed
Ubuntu Security Notice USN-4045-1
Posted Jul 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4045-1 - A type confusion bug was discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbitrary code. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | aa2a3d5a29ffb6eaa26e48d80b587fa95ee89cdc07e1e1255730f2aedfbf81c0
Red Hat Security Advisory 2019-1626-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1626-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
SHA-256 | 8b9b8d6cf3822cc19ee197bca2a176146e339b89f859f9e5e5358cb75d1c8c64
Red Hat Security Advisory 2019-1623-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1623-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
SHA-256 | a862b1d7e05af64177914350e809feb8d4aba2124b6e1b3bbfc12c843966458e
Red Hat Security Advisory 2019-1624-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1624-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
SHA-256 | a32ac12e95b7d4d2133ede322d4ddb074852b0bb68a2a054b2117624ff9845bb
Red Hat Security Advisory 2019-1603-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1603-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | 1c3f2ab92856bea753598266e0cc7112742e48a1357ca4f5bcdf1245036a66c2
Red Hat Security Advisory 2019-1604-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1604-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | efd19650a5c49f811bbd4c75bac4c43febd3026a5a92342fc9aa1c76b748f966
Debian Security Advisory 4471-1
Posted Jun 25, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4471-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-11707, CVE-2019-11708
SHA-256 | 4efa717e1288d15a4d933ab0a6403d42fc7d8662286f3a6e0d8b5818ccf16912
Spidermonkey IonMonkey Incorrect Prediction
Posted Jun 25, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-11707
SHA-256 | 9e304ae2a07d3108f6f5ef85d1c28d031eea4e4fd06da0f3643edab9e09c52ee
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Jun 24, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-11707
SHA-256 | b47d7df6556725e46113ce7a9f4050b612e0a4f0d34456f40e8a05665685954a
Ubuntu Security Notice USN-4020-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4020-1 - A type confusion bug was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707
SHA-256 | fb8b2a25173508d0607dd8e1ffe802213ef2cd244f2130f58b92a4854975a0e9
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close