- Oct 9, 2016
- 6,034
AnnouncedJune 20, 2019.... another security fix
Impact : high
Products : Firefox, Firefox ESR
Fixed in
Reporter : Coinbase Security
Impact : high
Description
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.
Get it through your internal updater
Impact : high
Products : Firefox, Firefox ESR
Fixed in
- Firefox 67.0.4
- Firefox ESR 60.7.2
Reporter : Coinbase Security
Impact : high
Description
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.
Get it through your internal updater
Last edited: