Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Mozilla Firefox 72.0.1 Patches Actively Exploited Zero-Day
#1
[Image: 6Ykm9HD.png]


Quote:Mozilla released Firefox 72.0.1 and Firefox ESR 68.4.1 to patch a critical and actively exploited severity vulnerability that could potentially allow attackers to execute code or trigger crashes on machines running vulnerable Firefox versions.

As Mozilla's security advisory says, the Firefox developers are "aware of targeted attacks in the wild abusing this flaw" which could make it possible for attackers who successfully exploit it to abuse affected systems.

The Firefox and Firefox ESR zero-day flaw fixed by Mozilla was reported by a research team from Qihoo 360 ATA.


The type confusion vulnerability tracked as CVE-2019-17026 impacts the web browser's IonMonkey Just-In-Time (JIT) compiler and it occurs when incorrect alias information is fed for setting array elements.

This type of security flaw can lead to out-of-bounds memory access in languages without memory safety which, in some circumstances, can lead to code execution or exploitable crashes.

Potential attackers could trigger the type confusion flaw by redirecting users of unpatched Firefox versions to maliciously crafted web pages.

Continue reading HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Apple emergency updates fix 3 new zero-days exploited in attacks mrtrout 0 487 09-21-2023 , 10:02 PM
Last Post: mrtrout
  VMware warns of critical vRealize flaw exploited in attacks mrtrout 0 381 06-21-2023 , 02:00 AM
Last Post: mrtrout
  Google Patches 48 Vulnerabilities With First Set of 2022 Android Updates mrtrout 0 538 01-06-2022 , 12:48 AM
Last Post: mrtrout
  Top Linux Vulnerabilities Exploited by Hackers mrtrout 0 504 08-27-2021 , 01:12 AM
Last Post: mrtrout
  Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock Mohammad.Poorya 0 989 04-21-2021 , 07:08 PM
Last Post: Mohammad.Poorya

Forum Jump:


Users browsing this thread: 1 Guest(s)