Описание
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 5 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2020:0086 | 13.01.2020 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2020:0123 | 16.01.2020 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2020:0085 | 13.01.2020 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2020:0120 | 16.01.2020 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2020:0111 | 14.01.2020 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2020:0127 | 16.01.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2020:0292 | 30.01.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | firefox | Fixed | RHSA-2020:0295 | 30.01.2020 |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Incorrect alias information in IonMonkey JIT compiler for setting arra ...
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Уязвимость JIT-компилятора IonMonkey браузеров Firefox и Firefox ESR, связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
8.8 High
CVSS3