Ubuntu update for Firefox

1) Type Confusion

EUVDB-ID: #VU18824

Risk: Critical

CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2019-11707

CWE-ID: CWE-843 - Type confusion

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when manipulating JavaScript objects due to issues in Array.pop. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: this vulnerability is being actively exploited in the wild along with SB2019062002 (CVE-2019-11708).

Mitigation

Update the affected packages.

Ubuntu 19.04

firefox - 67.0.3+build1-0ubuntu0.19.04.1

Ubuntu 18.10

firefox - 67.0.3+build1-0ubuntu0.18.10.1

Ubuntu 18.04 LTS

firefox - 67.0.3+build1-0ubuntu0.18.04.1

Ubuntu 16.04 LTS

firefox - 67.0.3+build1-0ubuntu0.16.04.1

Vulnerable software versions

firefox (Ubuntu package): 1.5.dfsg+1.5.0.6-4 - 67.0.2+build2-0ubuntu1

CPE2.3

• cpe:2.3:a:canonical:firefox_ubuntu_package:1.5.dfsg 1.5.0.6-4:*:*:*:*:ubuntu:*:*
• cpe:2.3:a:canonical:firefox_ubuntu_package:1.5.dfsg 1.5.0.6-5:*:*:*:*:ubuntu:*:*
• cpe:2.3:a:canonical:firefox_ubuntu_package:1.5.dfsg 1.5.0.7-1:*:*:*:*:ubuntu:*:*

External links

https://usn.ubuntu.com/4020-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.