---

CVE-2019-11757 - log back

CVE-2019-11757 edited at 26 Oct 2019 21:30:09
Severity	- Unknown + Critical
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A use-after-free issue has been found in the IndexedDB component of Firefox before 70.0 and Thunderbird before 68.2. When storing a value in IndexedDB, the value's prototype chain is followed and it was possible to retain a reference to a locale, delete it, and subsequently reference it.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11757 + https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11757 + https://bugzilla.mozilla.org/show_bug.cgi?id=1577107
Notes

CVE-2019-11757 created at 26 Oct 2019 17:45:26