Mozilla Foundation Security Advisory 2019-10
Security vulnerabilities fixed in Firefox 60.6.1
- March 22, 2019
- Firefox ESR
- Fixed in
- Firefox ESR 60.6.1
#CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
- Richard Zhu and Amat Cama via Trend Micro's Zero Day Initiative
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.
#CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
- Niklas Baumstark via Trend Micro's Zero Day Initiative
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.