Firefox Zero-Day Vulnerability

ALERT-Sri Lanka CERT|CC - Firefox Zero-Day Vulnerability

Firefox Zero-Day Vulnerability 

Systems Affected

  • Firefox versions below 72.0.1
  • Firefox ESR versions below 68.4.1

Threat Level

High

Overview

Vulnerability allows an attacker to crash the application or perform code execution.

Description

Vulnerability (CVE-2019-17026) is currently available above Firefox versions on your windows, Linux or Mac. Vulnerability labeled as ‘type confusion vulnerability’ which resides on IonMonkey just-in-time (JIT) compiler of Mozilla’s Java Script engine called Spider Monkey.

Due to this vulnerability the code doesn’t verify what objects it is passed to and blindly uses it without checking its type, which will allow an attacker to crash the application or to perform code execution.

Impact

  • Crash the application.
  • Install backdoors and spyware.
  • Data and configuration modifications.
  • Distribute malicious programs.

Solution/ Workarounds

  • Update the latest version of the Mozilla’s Firefox on Windows, Linux and Mac.

References

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Rate this item
(0 votes)

Leave a comment

Dear valued users,

We welcome you to the PC World Magazine Website and appreciate your interest in commenting on our articles. This platform is intended for thoughtful discussions and exchanging ideas and information related to the topic of the article. However, please be mindful that we do not tolerate any illegal activities or marketing purposes. Misusing the comment section for such purposes will result in the immediate removal of the comment and could result in the termination of your account. We ask that you keep your comments respectful, on-topic, and relevant to the article. Additionally, please do not post personal information, hate speech, or offensive content. Thank you for your cooperation in creating a positive and productive environment for all users on the PC World Magazine Website.

Best regards,
PC World Magazine Team

362 comments

The Technology Video of The Day

Email Newsletter Subscription

Fill out the subscription form by providing your email address and name. Click on the "Subscribe" button to complete the process.


Receive HTML?

Thank you for choosing to stay updated with our latest news and offerings!
Joomla Extensions powered by Joobi

Articles Archive

Articles Calendar

« March 2023 »
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
052709009
Today
Yesterday
This Week
Last Week
This Month
Last Month
All days
20291
54290
300240
51517721
1860347
1671166
52709009
Your IP: 23.22.35.162
2023-03-31 09:17
Go to top