CVE-2019-11707 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop, in Firefox before 67.0.3. This can allow for an exploitable crash. Mozilla has been made aware of targeted attacks in the wild abusing this flaw.
Group Package Affected Fixed Severity Status Ticket
AVG-995 firefox-developer-edition 68.0b10-1 68.0b11-1 Critical Fixed
AVG-994 firefox 67.0.2-1 67.0.3-1 Critical Fixed
Date Advisory Group Package Severity Description
19 Jun 2019 ASA-201906-19 AVG-995 firefox-developer-edition Critical arbitrary code execution
19 Jun 2019 ASA-201906-18 AVG-994 firefox Critical arbitrary code execution
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
https://bugzilla.mozilla.org/show_bug.cgi?id=1544386