---

CVE-2019-11707 - log back

CVE-2019-11707 created at 25 Sep 2019 19:31:40
Severity	+ Critical
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop, in Firefox before 67.0.3. This can allow for an exploitable crash. Mozilla has been made aware of targeted attacks in the wild abusing this flaw.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707 + https://bugzilla.mozilla.org/show_bug.cgi?id=1544386
Notes