CVE-2019-11707 log

Severity Critical
Remote Yes
Type Arbitrary code execution
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop, in Firefox before 67.0.3. This can allow for an exploitable crash. Mozilla has been made aware of targeted attacks in the wild abusing this flaw.
Group Package Affected Fixed Severity Status Ticket
AVG-995 firefox-developer-edition 68.0b10-1 68.0b11-1 Critical Fixed
AVG-994 firefox 67.0.2-1 67.0.3-1 Critical Fixed
Date Advisory Group Package Severity Type
19 Jun 2019 ASA-201906-19 AVG-995 firefox-developer-edition Critical arbitrary code execution
19 Jun 2019 ASA-201906-18 AVG-994 firefox Critical arbitrary code execution