CVE-2019-9813

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

Type confusion

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

CVE-2019-9813

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

WebKit JavaScriptCore - createRegExpMatchesArray Type Confusion

WebKit JavaScriptCore - createRegExpMatchesArray Type Confusion / Prerequisites ------------- In JavaScriptCore, JSObjects have an associated Structure: an object describing various aspects of the JSObject such as its type, its properties, and the type of elements being stored e.g. unboxed double...

Microsoft Edge Chakra Engine Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Analysis antivirus BitDefender integer overflow vulnerabilities Part II--exploit-vulnerability warning-the black bar safety net

Our last article reviewed from Pagefault submitted content, detailed description of the Bitdefender antivirus product of the integer overflow problem. Although only rely on the content of these is sufficient to the supplier to submit a bug report, but the Pagefault by providing a...

CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

Memory corruption

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVE-2017-5375

CVE-2017-5375 affects Mozilla Thunderbird, Firefox ESR, and Firefox prior to certain version thresholds. The issue is a JIT code allocation vulnerability that can bypass ASLR and DEP, enabling memory corruption. Public exploit activity exists (ASM.JS JIT-Spray PoCs) for multiple Firefox versions ...

CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVE-2017-5375

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

Microsoft Chakra String Concatenation Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the generation ...

Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02)

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

OPENSUSE-SU-2017:0354-1 Security update for MozillaThunderbird

This update to Mozilla Thunderbird 45.7.0 fixes security issues and bugs. The following security issues from advisory MFSA 2017-03 were fixed boo1021991 In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but are potentially...

Mozilla Firefox < 51 Multiple Vulnerabilities

Binary data 9927.prm...

[ASA-201701-39] firefox: multiple issues

Arch Linux Security Advisory ASA-201701-39 ========================================== Severity: Critical Date : 2017-01-29 CVE-ID : CVE-2017-5373 CVE-2017-5374 CVE-2017-5375 CVE-2017-5376 CVE-2017-5377 CVE-2017-5378 CVE-2017-5379 CVE-2017-5380 CVE-2017-5381 CVE-2017-5382 CVE-2017-5383 CVE-2017-53...

Mozilla Firefox Security Advisories (MFSA2017-01, MFSA2017-02) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02)

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...