|Number of vulnerabilities||1|
|CVE ID|| CVE-2019-11707
|Public exploit||This vulnerability is being exploited in the wild.|
|Vulnerable software versions||
Firefox ESR 60.7.0
Firefox ESR 60.6.3
Firefox ESR 60.6.2
Mozilla Firefox 67.0.2
Mozilla Firefox 67.0.1
Mozilla Firefox 67.0
Added information about additional vulnerability, exploited in the attack.
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
Array.pop. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note: this vulnerability is being actively exploited in the wild along with SB2019062002 (CVE-2019-11708).
Install updates from vendor's website.External links