FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 67.0.3,1
waterfox < 56.2.11
firefox-esr < 60.7.1,1

Details

VuXML ID 0cea6e0a-7a39-4dac-b3ec-dbc13d404f76
Discovery 2019-06-18
Entry 2019-06-19
Modified 2019-06-20

Mozilla Foundation reports:

CVE-2019-11707: Type confusion in Array.pop

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

References

CVE Name CVE-2019-11707
URL https://www.mozilla.org/security/advisories/mfsa2019-18/