Mozilla Releases Firefox 66.0.1 to Patch Two Critical Security Vulnerabilities
#1
Exclamation 
Quote:Mozilla released the first point release to its latest Firefox 66 web browser to address two critical security vulnerabilities exposed during the Pwn2Own hacking contest event.

Firefox 66.0.1 is now available, just a few days after the release of Firefox 66.0 earlier this week, to patch CVE-2019-9810 and CVE-2019-9813, two security vulnerabilities reported by Richard Zhu, Amat Cama, and Niklas Baumstark via Trend Micro's Zero Day Initiative.
 
According to the security advisory published by Mozilla on March 22nd, CVE-2019-9810 describes a buffer overflow issue and missing bounds check flaw in the Firefox 66.0 release due to incorrect alias information in the IonMonkey JIT compiler for the Array.prototype.slice method.
 
On the other hand, CVE-2019-9813 describes a "type confusion" issue in the IonMonkey JIT code affecting the Firefox 66.0 release that may let attackers read and write arbitrary memory, which was possible due to incorrect handling of __proto__ mutations.

SOURCE: https://news.softpedia.com/news/mozilla-...5408.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Mozilla Releases Firefox 66.0.1 to Patch Two Critical Security Vulnerabilities - by silversurfer - 23 March 19, 14:40

Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>