---

CVE-2018-12386 - log back

CVE-2018-12386 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ A vulnerability has been found in Firefox before 62.0.3 in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/#CVE-2018-12386 + https://bugzilla.mozilla.org/show_bug.cgi?id=1493900
Notes