|Type||Arbitrary code execution|
An out-of-bounds write vulnerability has been found in the NSS component of Firefox before 71.0. When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.
|03 Dec 2019||ASA-201912-1||AVG-1071||firefox||Critical||multiple issues|