Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.

References

bugzilla.redhat.com/show_bug.cgi?id=1789214

nvd.nist.gov/vuln/detail/CVE-2019-17026

www.cve.org/CVERecord?id=CVE-2019-17026

www.mozilla.org/en-US/security/advisories/mfsa2020-03/#CVE-2019-17026

cisa 1

veracode 1

cisa_kev 1

nvd 1

symantec 1

debiancve 1

nessus 59

archlinux 2

mozilla 2

openvas 30

osv 4

checkpoint_advisories 1

debian 5

cvelist 1

avleonov 1

prion 1

thn 1

kaspersky 3

cve 1

ubuntucve 1

attackerkb 1

alpinelinux 1

packetstorm 2

zdt 2

exploitdb 2

githubexploit 1

talosblog 1

centos 4

oraclelinux 6

redhat 8

mageia 2

amazon 1

threatpost 1

suse 2

altlinux 1

slackware 1

ubuntu 3

photon 1

securelist 1

gentoo 1

qualysblog 1

cisa

Mozilla Patches Critical Vulnerability

2020-01-08 00:00:00

veracode

Arbitrary Code Execution

2020-01-18 01:01:54

cisa_kev

Mozilla Firefox And Thunderbird Type Confusion Vulnerability

2021-11-03 00:00:00

nvd

CVE-2019-17026

2020-03-02 05:15:12

symantec

Mozilla Firefox and Firefox ESR CVE-2019-17026 Type Confusion Remote Code Execution Vulnerability

2020-01-08 00:00:00

debiancve

CVE-2019-17026

2020-03-02 05:15:12

nessus

Mozilla Firefox < 72.0.1

2020-01-08 00:00:00

Mozilla Firefox ESR < 68.4.1

2020-01-08 00:00:00

Debian DLA-2093-1 : firefox-esr security update

2020-02-03 00:00:00

archlinux

[ASA-202001-3] firefox: arbitrary code execution

2020-01-10 00:00:00

[ASA-202001-4] thunderbird: multiple issues

2020-01-14 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 — Mozilla

2020-01-08 00:00:00

Security Vulnerabilities fixed in Thunderbird 68.4.1 — Mozilla

2020-01-10 00:00:00

openvas

Mozilla Firefox Security Advisories (MFSA2020-03, MFSA2020-03) - Mac OS X

2020-01-09 00:00:00

Debian: Security Advisory (DLA-2093-1)

2020-02-02 00:00:00

Mozilla Firefox ESR Security Advisories (MFSA2020-03, MFSA2020-03) - Windows

2020-01-09 00:00:00

osv

firefox-esr - security update

2020-02-01 00:00:00

thunderbird - security update

2020-01-17 00:00:00

thunderbird - security update

2020-01-20 00:00:00

checkpoint_advisories

Mozilla Firefox IonMonkey JIT Compiler Type Confusion (CVE-2019-17026)

2022-02-21 00:00:00

debian

[SECURITY] [DLA 2093-1] firefox-esr security update

2020-02-01 04:15:49

[SECURITY] [DSA 4600-1] firefox-esr security update

2020-01-09 09:21:23

[SECURITY] [DLA 2071-1] thunderbird security update

2020-01-20 11:40:56

cvelist

CVE-2019-17026

2020-03-02 04:05:03

avleonov

0day RCE in Firefox

2020-01-12 02:06:26

prion

Type confusion

2020-03-02 05:15:00

thn

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

2020-01-09 10:34:00

kaspersky

KLA11630 Type confusion vulnerability in Mozilla Firefox

2020-01-08 00:00:00

KLA11631 Type confusion vulnerability in Mozilla Firefox ESR

2020-01-08 00:00:00

KLA11635 Multiple vulnerabilities in Mozilla Thunderbird

2020-01-10 00:00:00

cve

CVE-2019-17026

2020-03-02 05:15:12

ubuntucve

CVE-2019-17026

2020-01-09 00:00:00

attackerkb

CVE-2019-17026

2020-03-02 00:00:00

alpinelinux

CVE-2019-17026

2020-03-02 05:15:12

packetstorm

Firefox 72 IonMonkey JIT Type Confusion

2021-05-13 00:00:00

Mozilla Firefox 67 Array.pop JIT Type Confusion

2022-02-02 00:00:00

zdt

Mozilla Firefox 72 IonMonkey - JIT Type Confusion Exploit

2021-05-13 00:00:00

Mozilla Firefox 67 - Array.pop JIT Type Confusion Exploit

2022-02-02 00:00:00

exploitdb

Firefox 72 IonMonkey - JIT Type Confusion

2021-05-13 00:00:00

Mozilla Firefox 67 - Array.pop JIT Type Confusion

2022-02-02 00:00:00

githubexploit

Exploit for Type Confusion in Mozilla Firefox

2020-08-27 19:32:07

talosblog

Threat Source newsletter (Jan. 9, 2019)

2020-01-10 07:13:41

centos

thunderbird security update

2020-01-18 14:40:44

thunderbird security update

2020-01-18 14:41:32

firefox security update

2020-01-14 17:25:32

oraclelinux

firefox security update

2020-01-13 00:00:00

thunderbird security update

2020-01-18 00:00:00

thunderbird security update

2020-07-07 00:00:00

redhat

(RHSA-2020:0127) Important: thunderbird security update

2020-01-16 12:26:13

(RHSA-2020:0120) Important: thunderbird security update

2020-01-16 10:45:20

(RHSA-2020:0123) Important: thunderbird security update

2020-01-16 10:46:52

mageia

Updated thunderbird packages fix security vulnerabilities

2020-01-12 02:52:04

Updated firefox packages fix security vulnerability

2020-01-09 23:11:02

amazon

Important: thunderbird

2020-02-10 23:43:00

threatpost

Mozilla Updates Firefox Browser: Zero-Day Bug Patched, Fingerprinting Nixed

2020-01-08 18:04:42

suse

Security update for MozillaThunderbird (important)

2020-01-22 00:00:00

Security update for MozillaFirefox (important)

2020-01-15 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 68.4.1-alt1

2020-01-11 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2020-01-11 00:19:13

ubuntu

Firefox vulnerabilities

2020-01-09 00:00:00

Thunderbird vulnerabilities

2020-01-16 00:00:00

Thunderbird vulnerabilities

2020-04-21 00:00:00

photon

Important Photon OS Security Update - PHSA-2023-3.0-0649

2023-09-14 00:00:00

securelist

IT threat evolution Q1 2020. Statistics

2020-05-20 10:00:43

gentoo

Mozilla Firefox: Multiple vulnerabilities

2020-03-12 00:00:00

qualysblog

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.526

Percentile

97.6%

JSON

Related for RH:CVE-2019-17026