Описание
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-17026
- https://bugzilla.mozilla.org/show_bug.cgi?id=1607443
- https://security.gentoo.org/glsa/202003-02
- https://usn.ubuntu.com/4335-1
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17026
- https://www.mozilla.org/security/advisories/mfsa2020-03
- https://www.mozilla.org/security/advisories/mfsa2020-04
- http://packetstormsecurity.com/files/162568/Firefox-72-IonMonkey-JIT-Type-Confusion.html
Связанные уязвимости
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting arra ...
Уязвимость JIT-компилятора IonMonkey браузеров Firefox и Firefox ESR, связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании