Geeks for your information

Geeks for your information > News > Browsers News & Tips > Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
Full Version: Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

silversurfer

19 June 19, 12:26
Quote:Mozilla released Firefox 67.0.3 and Firefox ESR 60.7.1 to patch an actively exploited and critical severity vulnerability which could allow attackers to remotely execute arbitrary code on machines running vulnerable Firefox versions.
 
As Mozilla's security advisory says, the Firefox developers are "aware of targeted attacks in the wild abusing this flaw" which could allow attackers who exploit this vulnerability to take control of affected systems.

The Firefox and Firefox ESR zero-day flaw fixed by Mozilla was reported by Google Project Zero's Samuel Groß and the Coinbase Security team.
The type confusion vulnerability tracked as CVE-2019-11707 occurs "when manipulating JavaScript objects due to issues in Array.pop."

SOURCE: https://www.bleepingcomputer.com/news/se...-zero-day/

harlan4096

20 June 19, 07:47
Additional Info: https://www.ghacks.net/2019/06/19/firefo...erability/
Geeks for your information > News > Browsers News & Tips > Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day