CVE-2019-17026
02.03.2020, 05:15
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
Vendor | Product | Version |
---|---|---|
mozilla | firefox | 𝑥 < 68.4.1 |
mozilla | firefox | 𝑥 < 72.0.1 |
mozilla | thunderbird | 𝑥 < 68.4.1 |
canonical | ubuntu_linux | 16.04 |
𝑥
= Vulnerable software versions

Debian Releases
Debian Product | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
firefox |
| ||||||||||||
firefox-esr |
| ||||||||||||
thunderbird |
|

Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
firefox |
| ||||||||||||||||||||||||||||
mozjs38 |
| ||||||||||||||||||||||||||||
mozjs52 |
| ||||||||||||||||||||||||||||
mozjs60 |
| ||||||||||||||||||||||||||||
thunderbird |
|
References