Lucene search
K

281 matches found

0day.today
0day.today
added 2021/05/13 12:0 a.m.297 views

Mozilla Firefox 72 IonMonkey - JIT Type Confusion Exploit

Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /|| / / / / /...

8.8CVSS8.9AI score0.86863EPSS
Exploits21
Exploit DB
Exploit DB
added 2021/05/13 12:0 a.m.701 views

Firefox 72 IonMonkey - JIT Type Confusion

Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion Date: 2021-05-10 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://www.mozilla.org/en-US/firefox/new/ Versions: Firefox | | /| \ | |\ / / \ | | / | | / / / / |/ | /|/ \ / / || /||...

8.8CVSS8.6AI score0.46589EPSS
Exploits7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:0852-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.29514EPSS
Exploits24References10
RedHat Linux
RedHat Linux
added 2020/09/30 6:42 a.m.6 views

Mozilla: Type confusion for special arguments in IonMonkey

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR 78.1, Firefox 79, and Thunderbird 78.1...

9.3CVSS7.3AI score0.01511EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2020/08/27 7:32 p.m.1692 views

Exploit for Type Confusion in Mozilla Firefox

CVE-2019-17026 - A Firefox JIT bug - Original bug caught in t...

8.8CVSS0.8AI score0.86863EPSS
Exploits21
RedHat Linux
RedHat Linux
added 2020/08/26 10:11 a.m.5 views

Mozilla: Type confusion for special arguments in IonMonkey

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR 78.1, Firefox 79, and Thunderbird 78.1...

9.3CVSS7.3AI score0.01511EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:49 a.m.5 views

Mozilla: Type confusion for special arguments in IonMonkey

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR 78.1, Firefox 79, and Thunderbird 78.1...

9.3CVSS7.3AI score0.01511EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:33 a.m.6 views

Mozilla: Type confusion for special arguments in IonMonkey

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR 78.1, Firefox 79, and Thunderbird 78.1...

9.3CVSS7.3AI score0.01511EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/08/18 11:15 a.m.28 views

CVE-2019-9813

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS2.1AI score0.07387EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2020/04/08 5:28 a.m.51 views

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

9.8CVSS2.8AI score0.19762EPSS
Exploits6References3
RedhatCVE
RedhatCVE
added 2020/04/07 5:3 p.m.53 views

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

9.8CVSS1.9AI score0.13197EPSS
Exploits5References3
RedhatCVE
RedhatCVE
added 2020/04/03 2:1 p.m.26 views

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS3.9AI score0.29514EPSS
Exploits9References3
Tenable Nessus
Tenable Nessus
added 2020/03/08 12:0 a.m.36 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0010)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer does not escape characters. Because the resulting string is...

8.8CVSS8.4AI score0.46589EPSS
Exploits8References6
NVD
NVD
added 2020/03/02 5:15 a.m.22 views

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

8.8CVSS8AI score0.46589EPSS
Exploits7References7
OSV
OSV
added 2020/03/02 5:15 a.m.5 views

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

8.8CVSS8AI score0.46589EPSS
Exploits7References7
OSV
OSV
added 2020/03/02 5:15 a.m.2 views

DEBIAN-CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

8.8CVSS8.6AI score0.46589EPSS
Exploits7References1
Prion
Prion
added 2020/03/02 5:15 a.m.24 views

Type confusion

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

6.8CVSS7.9AI score0.46589EPSS
Exploits7References6Affected Software4
Vulnrichment
Vulnrichment
added 2020/03/02 4:5 a.m.5 views

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

6AI score0.46589EPSS
Exploits7References6
Cvelist
Cvelist
added 2020/03/02 4:5 a.m.33 views

CVE-2019-17026

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

8.2AI score0.46589EPSS
Exploits7References6
CVE
CVE
added 2020/03/02 4:5 a.m.1251 views

CVE-2019-17026

CVE-2019-17026 describes a type-confusion vulnerability in the IonMonkey JIT used by Mozilla products. The issue stems from incorrect alias information when storing array elements, enabling a type confusion that could be exploited for arbitrary code execution. Affected products include Firefox ES...

8.8CVSS8.1AI score0.46589EPSS
In wildExploits7References7Affected Software2
Rows per page
Query Builder