CVE-2019-9816 log
Source |
|
Severity | High |
Remote | Yes |
Type | Access restriction bypass |
Description | A possible vulnerability exists in Firefox before 67.0 and Thunderbird before 60.7.0, where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note that this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-966 | firefox | 66.0.5-1 | 67.0-1 | Critical | Fixed | |
AVG-965 | thunderbird | 60.6.1-2 | 60.7.0-1 | Critical | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
23 May 2019 | ASA-201905-9 | AVG-966 | firefox | Critical | multiple issues |
23 May 2019 | ASA-201905-8 | AVG-965 | thunderbird | Critical | multiple issues |