Security vulnerabilities fixed in Firefox 60.6.1
- March 22, 2019
- Firefox ESR
- Fixed in
- Firefox ESR 60.6.1
- Richard Zhu and Amat Cama via Trend Micro's Zero Day Initiative
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.
- Niklas Baumstark via Trend Micro's Zero Day Initiative
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.