what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

CVE-2019-9792

Status Candidate

Overview

The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

Related Files

Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak
Posted May 28, 2019
Authored by saelo, Google Security Research

Spidermonkey IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption.

tags | exploit
advisories | CVE-2019-9792
MD5 | f548194e2e5ce1c18bacbf389f666b48
Red Hat Security Advisory 2019-1144-01
Posted May 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1144-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.6.1. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9810, CVE-2019-9813
MD5 | b7ca47a3d6471ddab077bde9f0d46789
Red Hat Security Advisory 2019-0966-01
Posted May 7, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0966-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9810, CVE-2019-9813
MD5 | 1bb3d9a161dd91237f0f9be179b24deb
Gentoo Linux Security Advisory 201904-07
Posted Apr 2, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-7 - Multiple vulnerabilities have been found in Mozilla Thunderbird and Firefox, the worst of which could lead to the execution of arbitrary code. Versions less than 60.6.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5824, CVE-2018-18335, CVE-2018-18356, CVE-2018-18500, CVE-2018-18501, CVE-2018-18505, CVE-2018-18506, CVE-2018-18509, CVE-2018-18512, CVE-2018-18513, CVE-2019-5785, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9810, CVE-2019-9813
MD5 | 92ba9e8ee880006ba890f285ed44030d
Debian Security Advisory 4420-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4420-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | 9c341e17cb151e9b9a82c377fba7c543
Ubuntu Security Notice USN-3927-1
Posted Mar 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3927-1 - It was discovered that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-18506, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9810
MD5 | 0d66fa4f21353894c143dec150943113
Red Hat Security Advisory 2019-0681-01
Posted Mar 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0681-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.6.1. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9810, CVE-2019-9813
MD5 | 01ac391f7e90be5fbb1920c893aadf29
Red Hat Security Advisory 2019-0680-01
Posted Mar 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0680-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.6.1. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9810, CVE-2019-9813
MD5 | 1f9333cb1d74207d12f7fc3b22528d84
Ubuntu Security Notice USN-3918-2
Posted Mar 25, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3918-2 - USN-3918-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 14.04 LTS. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick the user with confusing permission request prompts, obtain sensitive information, conduct social engineering attacks, or execute arbitrary code. A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. If a user were tricked in to opening a specially crafted website with Spectre mitigations disabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that Upgrade-Insecure-Requests was incorrectly enforced for same-origin navigation. An attacker could potentially exploit this to conduct man-in-the-middle attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-9788, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9797, CVE-2019-9799, CVE-2019-9803, CVE-2019-9805, CVE-2019-9808, CVE-2019-9809
MD5 | 3cc54cc98b969abde01121cb96a68dd0
Ubuntu Security Notice USN-3918-1
Posted Mar 22, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3918-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick the user with confusing permission request prompts, obtain sensitive information, conduct social engineering attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-9788, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9797, CVE-2019-9799, CVE-2019-9802, CVE-2019-9803, CVE-2019-9805, CVE-2019-9808, CVE-2019-9809
MD5 | 7a027189c82bdc87f59c8d573a89c651
Debian Security Advisory 4411-1
Posted Mar 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4411-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | a55828919dc149d864f25e35999b7b7d
Red Hat Security Advisory 2019-0623-01
Posted Mar 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0623-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | ff510861267b5328f8b5c0f5348eb1ed
Red Hat Security Advisory 2019-0622-01
Posted Mar 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0622-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.0 ESR. Issues addressed include a use-after-free vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796
MD5 | 3c1f530646d87e122ac4fe44de5a8ce6
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close