2 matches found
CVE-2019-25136
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...
CVE-2019-25136
CVE-2019-25136 describes a vulnerability in Mozilla Firefox where a compromised child process could inject XBL Bindings into privileged CSS rules, allowing arbitrary code execution and a sandbox escape. Affected software is Firefox versions before 70; the root cause is manipulation of XBL binding...