CVE-2019-11707
Published 2019-07-23
Priority P1 · 84 · high · 8.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
KEV · ITW · EXPLOIT · Initial access
CISA Known Exploited Vulnerability, due 2022-06-13
Exploited in the wild
EPSS: 37.95% (98.4th percentile)
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 67.0.3-1 (sid) | firefox 67.0.3-1 (sid) |
| debian | firefox-esr | < firefox 67.0.3-1 (sid) | firefox 67.0.3-1 (sid) |
| debian | thunderbird | < firefox 67.0.3-1 (sid) | firefox 67.0.3-1 (sid) |
| mozilla | firefox | < 60.7.1 | 60.7.1 |
| mozilla | firefox | < 67.0.3 | 67.0.3 |
| mozilla | firefox | >= unspecified < 67.0.3 | 67.0.3 |
| mozilla | firefox_esr | >= unspecified < 60.7.1 | 60.7.1 |
| mozilla | thunderbird | < 60.7.2 | 60.7.2 |
| mozilla | thunderbird | >= 0 < 1:60.7.2-1 | 1:60.7.2-1 |
| mozilla | thunderbird | >= 0 < 1:60.7.2-1 | 1:60.7.2-1 |
| mozilla | thunderbird | >= 0 < 1:60.7.2-1 | 1:60.7.2-1 |
| mozilla | thunderbird | >= 0 < 1:60.7.2-1 | 1:60.7.2-1 |
| mozilla | thunderbird | >= 0 < 1:60.7.2+build2-0ubuntu0.16.04.1 | 1:60.7.2+build2-0ubuntu0.16.04.1 |
| mozilla | thunderbird | >= 0 < 1:60.7.2+build2-0ubuntu0.18.04.1 | 1:60.7.2+build2-0ubuntu0.18.04.1 |
| mozilla | thunderbird | >= unspecified < 60.7.2 | 60.7.2 |
Detection & IOCs (extracted from sources)
- OSX.Mokes.B drops a zero-byte tracking file under ~/Library/Application Support/ with a hardcoded MD5 hash as the filename to record which of six hardcoded malware name sets has been used for persistence; presence of any of these six files is a host-based indicator of compromise.
- OSX.Mokes.B installs a LaunchAgent under ~/Library/LaunchAgents/ using one of six hardcoded name pairs (e.g. storeaccountd, Spotlightd, soagent, quicklookd, accountd, trustd); monitor the LaunchAgents directory for unexpected entries matching these names.
- The CVE-2019-11707 exploit abuses IonMonkey JIT inlining of Array.pop; detection of exploit attempts can focus on JavaScript that sets a custom prototype on a sparse array and then calls Array.pop in a tight JIT-compiled loop, causing type confusion between Uint32Array and Uint8Array element access.
- CVE-2019-11707 was chained with CVE-2019-11708 (sandbox escape) in the wild; detections should consider both vulnerabilities being exploited together as part of the 'Hydseven' exploit chain.
- The exploit targets Firefox content (child) processes running at Low Integrity in an AppContainer; sandbox level security.sandbox.content.level must be at 2 or lower for the standalone payload to execute — monitor for about:config changes lowering this value.
- Note: Thunderbird is not exploitable via email delivery of this CVE because JavaScript execution is disabled when reading mail; the vulnerability only applies to Thunderbird in non-email contexts.
- Note: The standalone exploit (EDB-50691) only compromises the sandboxed Firefox content process and cannot by itself perform file I/O, network connections, or process execution; a secondary sandbox-escape exploit (CVE-2019-11708) is required for full system compromise.
CVSS provenance
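| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 8.8 | HIGH | |
| vulncheck | | 8.8 | HIGH | |
| cisa | | 8.8 | HIGH | |
| vendor_debian | | 8.8 | HIGH | |
| vendor_redhat | | 8.8 | HIGH | |
| vendor_ubuntu | | 8.8 | HIGH | |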
CISA
Mozilla Firefox and Thunderbird Type Confusion Vulnerability
cisa·2022-05-23·CVSS 8.8
CVE-2019-11707 [HIGH] CWE-843 Mozilla Firefox and Thunderbird Type Confusion Vulnerability
Vulnerability: Mozilla Firefox and Thunderbird Type Confusion Vulnerability
Affected: Mozilla Firefox and Thunderbird
Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-11707
Remediation Due Date: 2022-06-13
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2019-07-01·CVSS 8.8
CVE-2019-11707 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Several security issues were fixed in Thunderbird.
A type confusion bug was discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could exploit this by causing a denial of service, or
executing arbitrary code. (CVE-2019-11707)
It was discovered that a sandboxed child process could open arbitrary web
content in the parent process via the Prompt:Open IPC message. When
combined with another vulnerability, an attacker could potentially exploit
this to execute arbitrary code. (CVE-2019-11708)
Instructions: After a standard system update you need to restart Thunderbird to make
all the necessary changes.
Red Hat
Mozilla: Type confusion in Array.pop
vendor_redhat·2019-06-19·CVSS 8.8
CVE-2019-11707 [HIGH] CWE-843 Mozilla: Type confusion in Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
Statement: In general, this flaw cannot be exploited through email in Thunderbird because scripting is disabled when reading mail.
Ubuntu
Firefox vulnerability
vendor_ubuntu·2019-06-19
CVE-2019-11707 Firefox vulnerability
Title: Firefox vulnerability
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
A type confusion bug was discovered in Firefox. If a user were tricked
into opening a specially crafted website, an attacker could exploit this by
causing a denial of service, or executing arbitrary code.
Instructions: After a standard system update you need to restart Firefox to make
all the necessary changes.
Debian
CVE-2019-11707: firefox - A type confusion vulnerability can occur when manipulating JavaScript objects du...
vendor_debian·2019·CVSS 8.8
CVE-2019-11707 [HIGH] CVE-2019-11707: firefox - A type confusion vulnerability can occur when manipulating JavaScript objects du...
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
Scope: local
sid: resolved (fixed in 67.0.3-1)
GHSA
GHSA-8ffr-q7j8-h445: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array
ghsa_unreviewed·2022-05-24
CVE-2019-11707 [HIGH] CWE-843 GHSA-8ffr-q7j8-h445: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
OSV
CVE-2019-11707: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array
osv·2019-07-23·CVSS 8.8
CVE-2019-11707 [HIGH] CVE-2019-11707: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
OSV
thunderbird vulnerabilities
osv·2019-07-01·CVSS 8.8
CVE-2019-11707 [HIGH] thunderbird vulnerabilities
A type confusion bug was discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could exploit this by causing a denial of service, or
executing arbitrary code. (CVE-2019-11707)
It was discovered that a sandboxed child process could open arbitrary web
content in the parent process via the Prompt:Open IPC message. When
combined with another vulnerability, an attacker could potentially exploit
this to execute arbitrary code. (CVE-2019-11708)
VulnCheck
Mozilla Firefox and Thunderbird Type Confusion Vulnerability
vulncheck·2019·CVSS 8.8
CVE-2019-11707 [HIGH] CWE-843 Mozilla Firefox and Thunderbird Type Confusion Vulnerability
Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.
Affected: Mozilla Firefox and Thunderbird
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Exploit PoC: https://vulncheck.com/xdb/20099b4eda22; https://vulncheck.com/xdb/f32e1037e391; https://vulncheck.com/xdb/0d7083f6f42d
Remediation Due: 2022-06-13
Project0
Project Zero RCA: CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
project_zero·CVSS 8.8
CVE-2019-11707 [HIGH] Project Zero RCA: CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
# CVE-2019-11707: IonMonkey Type Confusion in Array.Pop
*Samuel Groß, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-07-27)*
## The Basics
**Disclosure or Patch Date:** 18 June 2019
**Product:** Mozilla Firefox
**Advisory:** https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
**Affected Versions:** Firefox 67.0.2, likely earlier versions
**First Patched Version:** Firefox 67.0.3 and Firefox ESR 60.7.1
**Issue/Bug Report:**
* Project Zero issue: https://bugs.chromium.org/p/project-zero/issues/detail?id=1820
* Firefox issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1544386
**Patch CL:** https://hg.mozilla.org/releases/mozilla-beta/rev/109cefe117fbdd1764097e06796960082f4fee4e
**Bug-Introducing CL:** Unkno
Project0
Project Zero RCA: CVE-2019-17026: Firefox Type Confusion in IonMonkey
project_zero·CVSS 8.8
CVE-2019-17026 [HIGH] Project Zero RCA: CVE-2019-17026: Firefox Type Confusion in IonMonkey
# CVE-2019-17026: Firefox Type Confusion in IonMonkey
*Samuel Groß, Project Zero (Originally posted on [Project Zero blog](https://googleprojectzero.blogspot.com/p/rca.html) 2020-08-05)*
## The Basics
**Disclosure or Patch Date:** 8 January 2020
**Product:** Mozilla Firefox
**Advisory:** https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
**Affected Versions:**
**First Patched Version:** Firefox 72.0.1 and Firefox ESR 68.4.1
**Issue/Bug Report:** https://bugzilla.mozilla.org/show_bug.cgi?id=1607443
**Patch CL:** https://hg.mozilla.org/mozilla-central/rev/d6e40de88f3defdc12ef27e64ca73e120b1f10e2
**Bug-Introducing CL:**
* Adding StoreElementHole: https://hg.mozilla.org/mozilla-central/rev/550a780f73aeb23ea958cab93de141376aa12f3a
* Adding FallibleStoreElement: https://hg.
No detection rules found.
Exploit-DB
Mozilla Firefox 67 - Array.pop JIT Type Confusion
exploitdb·2022-02-02·CVSS 8.8
CVE-2019-11707 [HIGH] Mozilla Firefox 67 - Array.pop JIT Type Confusion
---
# Exploit Title: Mozilla Firefox 67 - Array.pop JIT Type Confusion
# Date: 2021-12-07
# Type: RCE
# Platform: Windows
# Exploit Author: deadlock (Forrest Orr)
# Author Homepage: https://forrest-orr.net
# Vendor Homepage: https://www.mozilla.org/en-US/
# Software Link: https://ftp.mozilla.org/pub/firefox/releases/65.0.1/win64/en-US/
# Version: Firefox 67.0.2 64-bit and earlier
# Tested on: Windows 10 x64
# CVE: CVE-2019-11707
# Bypasses: DEP, High Entropy ASLR, CFG
# Full Hydseven exploit chain with sandbox escape (CVE-2019-11708): https://github.com/forrest-orr/Exploits/tree/main/Chains/Hydseven
Exploit-DB
Mozilla Spidermonkey - IonMonkey 'Array.prototype.pop' Type Confusion
exploitdb·2019-06-26
CVE-2019-11707 Mozilla Spidermonkey - IonMonkey 'Array.prototype.pop' Type Confusion
---
The following program (found through fuzzing and manually modified) crashes Spidermonkey built from the current beta channel and Firefox 66.0.3 (current stable):
// Run with --no-threads for increased reliability
const v4 = [{a: 0}, {a: 1}, {a: 2}, {a: 3}, {a: 4}];
function v7(v8,v9) {
if (v4.length == 0) {
v4[3] = {a: 5};
}
// pop the last value. IonMonkey will, based on inferred types, conclude that the result
// will always be an object, which is untrue when p[0] is fetched here.
const v11 = v4.pop();
// Then if will crash here when dereferencing a controlled double value as pointer.
v11.a;
// Force JIT compilation.
for (let v15 = 0; v15 0x25a3b99b26cb: cmp qword ptr [rax], r11
0x25a3b99b26ce: jne 0x25a3b99b
Sentinelone
7 Ways Threat Actors Deliver macOS Malware in the Enterprise
blogs_sentinelone·2023-01-09
Our 2022 review of macOS malware revealed that the threats faced by businesses and users running macOS endpoints included an increase in backdoors and cross-platform attack frameworks. Threats like CrateDepression and PyMafka used typosquatting attacks against package repositories to infect users, while ChromeLoader and others like oRAT leveraged malvertising as an infection vector.
However, the infection vector used by many other macOS threats remains unknown. SysJoker, OSX.Gimmick, CloudMensis, Alchimist and the Lazarus-attributed Operation In(ter)ception are just some of those for which researchers still do not know how victims were initially compromised. In these and other cases, researchers happened across the malware either in post-infection analyses or by discovering the samples on
Tenable
CVE-2019-17026: Zero-Day Vulnerability in Mozilla Firefox Exploited in Targeted Attacks
blogs_tenable·2020-01-08·CVSS 8.8
[HIGH] CVE-2019-17026: Zero-Day Vulnerability in Mozilla Firefox Exploited in Targeted Attacks
Securelist
IT threat evolution Q2 2019. Statistics
blogs_securelist·2019-08-19
Authors
- Victor Chebyshev
- Fedor Sinitsyn
- Denis Parinov
- Boris Larin
- Oleg Kupreev
- Evgeny Lopatin
These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data.
## Quarterly figures
According to Kaspersky Security Network,
- Kaspersky solutions blocked 717,057,912 attacks launched from online resources in 203 countries across the globe.
- 217,843,293 unique URLs triggered Web Anti-Virus components.
- Attempted infections by malware designed to steal money via online access to bank accounts were
Sentinelone
How Two Firefox Zero Days Led to Two macOS Backdoors
blogs_sentinelone·2019-06-26·CVSS 8.8
[HIGH] How Two Firefox Zero Days Led to Two macOS Backdoors
Last week was a busy week for macOS malware. Along with a Gatekeeper POC being deployed in the wild only days after being published and a hulking 2.5GB cryptominer on the loose stealing resources from those tempted by pirate software, there was also the big reveal of two Firefox zero-days being used in the wild to deliver at least two different kinds of malware. These both turned out to be new variants of old friends: OSX.Netwire/Wirenet and OSX.Mokes, a backdoor that contains code indicative of recording user behaviour and exfiltrating it to a server in encrypted form.
In this post, we’ll review how the two Firefox zero days were used to achieve remote code execution, discuss the malware dropped by threat actors leveraging these zero days in the wild, and reveal six unpublished IOCs used
Tenable
CVE-2019-11707, CVE-2019-11708: Multiple Zero-Day Vulnerabilities in Mozilla Firefox Exploited in the Wild
blogs_tenable·2019-06-18·CVSS 8.8
[HIGH] CVE-2019-11707, CVE-2019-11708: Multiple Zero-Day Vulnerabilities in Mozilla Firefox Exploited in the Wild
Bugzilla
CVE-2019-11707 thunderbird: Mozilla: Type confusion in Array.pop [fedora-all]
bugzilla·2019-06-21·CVSS 8.8
CVE-2019-11707 [HIGH] CVE-2019-11707 thunderbird: Mozilla: Type confusion in Array.pop [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2019-11707 Mozilla: Type confusion in Array.pop
bugzilla·2019-06-19·CVSS 8.8
CVE-2019-11707 [HIGH] CVE-2019-11707 Mozilla: Type confusion in Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in `Array.pop`. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.
External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
Discussion:
Acknowledgments:
Name: the Mozilla project
Upstream: Samuel Groß (Google Project Zero), Coinbase Security
---
Created firefox tracking bugs for this issue:
Affects: fedora-all [bug 1721801]
---
Created thunderbird tracking bugs for this issue:
Affects: fedora-all [bug 1722678]
---
Statement:
In general, this flaw cannot be exploited through email in Thunderbird because scripting is disabled when reading ma
Bugzilla
CVE-2019-11707 CVE-2019-11708 firefox: various flaws [fedora-all]
bugzilla·2019-06-19·CVSS 8.8
CVE-2019-11707 [HIGH] CVE-2019-11707 CVE-2019-11708 firefox: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1544386
- https://security.gentoo.org/glsa/201908-12
- https://www.mozilla.org/security/advisories/mfsa2019-18/
- https://www.mozilla.org/security/advisories/mfsa2019-20/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11707
- 2019-07-23: Published
- 2022-05-23: Added to CISA KEV
- Exploited in the wild