Firefox 67.0.4 released

H

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,026
AnnouncedJune 20, 2019.... another security fix

Impact : high
Products : Firefox, Firefox ESR

Fixed in
  • Firefox 67.0.4
  • Firefox ESR 60.7.2
#CVE-2019-11708: sandbox escape using Prompt:Open

Reporter : Coinbase Security
Impact : high

Description

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Get it through your internal updater
 
Last edited:
  • Like
  • Thanks
Reactions: Zartarra, silversurfer, Moonhorse and 7 others

Similar threads

Gandalf_The_Grey
    • Like
    • Thanks
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Replies
1
Views
1,509
News Archive
nicolaasjan
nicolaasjan
silversurfer
    • Like
    • +Reputation
    • Thanks
New Update Firefox 102: new ESR base and improved security
Replies
3
Views
1,095
Firefox
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
Replies
0
Views
746
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top