what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2019-11707

Status Candidate

Overview

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.

Related Files

Gentoo Linux Security Advisory 201908-12
Posted Aug 15, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-12 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 60.8.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11707, CVE-2019-11708, CVE-2019-11709, CVE-2019-11710, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11718, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11729, CVE-2019-11730, CVE-2019-9811
MD5 | a8e68267ac356665d3881a395692ae9a
Red Hat Security Advisory 2019-1696-01
Posted Jul 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1696-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR. Issues addressed include type confusion and sandbox escape vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | cbdcf1b81bf4297a845eb11a184de06d
Ubuntu Security Notice USN-4045-1
Posted Jul 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4045-1 - A type confusion bug was discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbitrary code. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 9fa133151559c278017a960cc0132070
Red Hat Security Advisory 2019-1626-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1626-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
MD5 | ab66bd7b3f3b787d2754726abe00bb2a
Red Hat Security Advisory 2019-1623-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1623-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
MD5 | 6900ceed2680491fb84c578e925441ee
Red Hat Security Advisory 2019-1624-01
Posted Jun 27, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1624-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706, CVE-2019-11707, CVE-2019-11708
MD5 | 23863dedb0a81e448380af23218659bd
Red Hat Security Advisory 2019-1603-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1603-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 675058a76a749a72fabad40729743214
Red Hat Security Advisory 2019-1604-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1604-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.2 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | b1a218a94df1e83bbc8cd4de433f9188
Debian Security Advisory 4471-1
Posted Jun 25, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4471-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2019-11707, CVE-2019-11708
MD5 | 6f3730ce82e081cc510350dd42e43f3a
Spidermonkey IonMonkey Incorrect Prediction
Posted Jun 25, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-11707
MD5 | b9cfb835c09f9ff2359a0ac43fb9d908
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Jun 24, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-11707
MD5 | a78fbead12d5ee9863b7176a88824977
Ubuntu Security Notice USN-4020-1
Posted Jun 19, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4020-1 - A type confusion bug was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11707
MD5 | 76b4d5d9cbedc526395024c99cb24ee1
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close