Lucene search
Fluoroacetate (@fluoroacetate)ZDI-19-364HistoryApr 15, 2019 - 12:00 a.m.
(Pwn2Own) Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability
2019-04-1500:00:00
fluoroacetate (@fluoroacetate)
www.zerodayinitiative.com
18
0.952 High
EPSS
Percentile
99.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of Array.slice when executed within JIT compiled code. By performing actions in JavaScript, an attacker can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox IonMonkey JIT Compiler Buffer Overflow (CVE-2019-9810)
2019-04-03 00:00:00
prion
prion
Buffer overflow
2019-04-26 17:29:00
ubuntucve
ubuntucve
CVE-2019-9810
2019-03-25 00:00:00
nvd
nvd
CVE-2019-9810
2019-04-26 17:29:04
packetstorm
packetstorm
Firefox Array.prototype.slice Buffer Overflow
2019-03-27 00:00:00
veracode
veracode
Buffer Overflow
2019-05-16 03:58:52
debiancve
debiancve
CVE-2019-9810
2019-04-26 17:29:04
cvelist
cvelist
CVE-2019-9810
2019-04-26 16:10:13
alpinelinux
alpinelinux
CVE-2019-9810
2019-04-26 17:29:04
zdt
zdt
Firefox 66.0.1 - Array.prototype.slice Buffer Overflow Exploit
2019-03-27 00:00:00
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit
2019-12-09 00:00:00
redhatcve
redhatcve
CVE-2019-9810
2020-04-03 14:01:31
attackerkb
attackerkb
CVE-2019-9810
2019-04-26 00:00:00
cve
cve
CVE-2019-9810
2019-04-26 17:29:04
githubexploit
githubexploit
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox
2019-05-05 17:19:02
Exploit for Improper Input Validation in Mozilla Firefox Esr
2019-09-29 07:08:52
Exploit for Type Confusion in Mozilla Thunderbird
2020-04-13 15:11:46
openvas
openvas
Debian: Security Advisory (DLA-1727-1)
2019-03-25 00:00:00
Mageia: Security Advisory (MGASA-2019-0131)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2019-1570)
2020-01-23 00:00:00
nessus
nessus
Mozilla Firefox < 66.0.1
2019-03-22 00:00:00
openSUSE Security Update : MozillaThunderbird (openSUSE-2019-1152)
2019-04-05 00:00:00
RHEL 6 : firefox (RHSA-2019:0672)
2019-03-28 00:00:00
osv
osv
firefox-esr - security update
2019-03-25 00:00:00
firefox-esr - security update
2019-03-24 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Thunderbird 60.6.1 — Mozilla
2019-03-25 00:00:00
Security vulnerabilities fixed in Firefox 60.6.1 — Mozilla
2019-03-22 00:00:00
Security vulnerabilities fixed in Firefox 66.0.1 — Mozilla
2019-03-22 00:00:00
oraclelinux
oraclelinux
firefox security update
2019-03-27 00:00:00
firefox security update
2019-03-28 00:00:00
thunderbird security update
2019-03-28 00:00:00
kaspersky
kaspersky
KLA11453 Multiple vulnerabilities in Mozilla Thunderbird
2019-03-25 00:00:00
KLA11450 Multiple vulnerabilities in Mozilla Firefox
2019-03-22 00:00:00
KLA11451 Multiple vulnerabilities in Mozilla Firefox ESR
2019-03-22 00:00:00
redhat
redhat
(RHSA-2019:0671) Critical: firefox security update
2019-03-27 07:14:51
(RHSA-2019:0672) Critical: firefox security update
2019-03-27 08:48:21
(RHSA-2019:0966) Critical: firefox security update
2019-05-07 03:37:57
exploitpack
exploitpack
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
2019-12-07 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2019-04-04 00:00:00
Security update for MozillaFirefox (important)
2019-03-29 00:00:00
Security update for MozillaFirefox (important)
2019-03-27 00:00:00
archlinux
archlinux
[ASA-201903-14] firefox: arbitrary code execution
2019-03-23 00:00:00
[ASA-201904-4] thunderbird: arbitrary code execution
2019-04-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.6.1-alt1
2019-03-23 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 60.6.1-alt1
2019-03-26 00:00:00
debian
debian
[SECURITY] [DLA 1727-1] firefox-esr security update
2019-03-25 13:12:18
[SECURITY] [DSA 4417-1] firefox-esr security update
2019-03-24 20:15:52
centos
centos
firefox security update
2019-04-01 19:07:32
firefox security update
2019-04-01 19:05:36
thunderbird security update
2019-04-01 19:08:08
slackware
slackware
[slackware-security] mozilla-firefox
2019-03-22 21:29:01
ubuntu
ubuntu
Firefox vulnerabilities
2019-03-25 00:00:00
Thunderbird vulnerabilities
2019-03-28 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerability
2019-04-05 21:12:59
Updated thunderbird packages fix security vulnerability
2019-04-05 21:12:59
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2019-07-08 08:55:01
exploitdb
exploitdb
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
2019-12-07 00:00:00
thn
thn
amazon
amazon
Critical: thunderbird
2019-04-25 16:37:00
gentoo
gentoo
Mozilla Thunderbird and Firefox: Multiple vulnerabilities
2019-04-02 00:00:00