CVE-2019-11691 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Arbitrary code execution |
Description | A use-after-free vulnerability can occur in Firefox before 67.0 and Thunderbird before 60.7.0, when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-966 | firefox | 66.0.5-1 | 67.0-1 | Critical | Fixed | |
AVG-965 | thunderbird | 60.6.1-2 | 60.7.0-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
23 May 2019 | ASA-201905-9 | AVG-966 | firefox | Critical | multiple issues |
23 May 2019 | ASA-201905-8 | AVG-965 | thunderbird | Critical | multiple issues |