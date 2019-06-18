Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  News  >  Companies  >  All News

News : Companies
Latest NewsCompaniesMarketsEconomy & ForexCommoditiesInterest RatesBusiness LeadersFinance ProfessionalsCalendarSectors
All News
Analyst Recommendations
Rumors
IPOs
Capital Markets Transactions
New Contracts
Profits warnings
Appointments
Press Releases
Events
Corporate actions

CVE-2019-11707: Critical Type Confusion Zero-Day in Mozilla Firefox Exploited in the Wild

share with twitter share with LinkedIn share with facebook
share via e-mail
0
06/18/2019 | 09:54pm EDT

Security researchers discover a zero-day vulnerability in Mozilla Firefox used in targeted attacks.

Background

On June 18, the Mozilla Foundation published a security advisory to address a zero-day vulnerability in Mozilla Firefox being used in targeted attacks in the wild.

Analysis

According to the security advisory, CVE-2019-11707 is a type confusion vulnerability in Mozilla Firefox that can result in an exploitable crash due to issues in Array.pop which can occur when manipulating JavaScript objects.

The vulnerability was reported to Mozilla by Google Project Zero's Samuel Groß and the Coinbase Security team. Further details about the vulnerability and in-the-wild attacks are not public, as the Bugzilla report is currently restricted, and neither Google Project Zero nor Coinbase Security has published a blog about it. We believe this is to allow time for users to update to a patched version of Firefox.

Solution

Mozilla has released Firefox 67.0.3 and Firefox Extended Support Release (ESR) 60.7.1 to address this vulnerability.

Identifying affected systems

A list of Tenable plugins to identify this vulnerability will appear here as they're released.

Get more information

Join Tenable's Security Response Team on the Tenable Community.

Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface. Get a free 60-day trial of Tenable.io Vulnerability Management.

Disclaimer

Tenable Holdings Inc. published this content on 19 June 2019 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 19 June 2019 01:53:02 UTC
share with twitter share with LinkedIn share with facebook
share via e-mail
0
Latest news "Companies"
10:01pANTALYA HOMES : The number of Chinese visiting Turkey reached 400 thousand, increased by 70%
BU
10:01pTOKYO ELECTRON : Japan's exports fall for sixth straight month in May
AQ
09:57pA Qingdao delegation hosts a series of city promotional events in Hamburg, Germany to promote Qingdao as a center of vitality
PR
09:54pRBR : Anadarko Consortium Approves $20b Mozambique LNG Project
PU
09:54pCVE-2019-11707 : Critical Type Confusion Zero-Day in Mozilla Firefox Exploited in the Wild
PU
09:53pOrbiMed Comments on Takeda Pharmaceutical Company Limited Proxy Ahead of 143rd Ordinary General Meeting of Shareholders 2019
BU
09:44pHYRECAR : Ways for Delivery Drivers to Earn More Tips and Increase Hourly Income!
PU
09:43pFACEBOOK : U.S. lawmaker calls for Facebook to pause cryptocurrency project
RE
09:35pECOBANK GHANA : Emerged ‘Best Retail Bank in Africa' @ African Banker Awards
AQ
09:34pPACIFIC ALLIANCE CHINA LAND : Pacl nav
PU
Latest news "Companies"
Advertisement

MOST READ NEWS

1Oil climbs over $1/bbl on U.S.-China trade deal hopes, Mideast tension
2Oil extends gains amid Middle East tensions, U.S.-China trade deal hopes
3FACEBOOK : FACEBOOK : U.S. lawmaker calls for Facebook to pause cryptocurrency project
4ALPHABET : ALPHABET : Google invests $1 billion to ease housing shortage near California headquarters
5STEINHOFF INTERNATIONAL HOLDINGS NV : STEINHOFF INTERNATIONAL : Scandal-hit Steinhoff posts narrow $1.3 billio..

HOT NEWS
Categories
Free services
Mobile App
Premium service
About