Security vulnerabilities fixed in Firefox 62.0.3 and Firefox ESR 60.2.2

Status
Not open for further replies.
LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
CVE-2018-12386: Type confusion in JavaScript
Impact: critical

Description
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered.

CVE-2018-12387:
Impact: critical

Description
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process.
Click to expand...

Security vulnerabilities fixed in Firefox 62.0.3 and Firefox ESR 60.2.2
 
Last edited by a moderator:
  • Like
Reactions: stefanos, spaceoctopus, vtqhtr413 and 7 others
Status
Not open for further replies.

Similar threads

Gandalf_The_Grey
    • Like
    • Thanks
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Replies
1
Views
1,518
News Archive
nicolaasjan
nicolaasjan
MuzzMelbourne
    • Applause
    • Like
    • +Reputation
New Update Chrome 114 Update Patches High-Severity Vulnerabilities
Replies
2
Views
483
Chrome & Chromium
Jonny Quest
Jonny Quest
CyberTech
    • +Reputation
Security News Veeam warns of critical bugs in Veeam ONE monitoring platform
Replies
0
Views
1,081
Security News
CyberTech
CyberTech

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top