CVE-2019-17026
CVE-2019-17026
In short
The Firefox JavaScript engine (IonMonkey) incorrectly handles how it tracks memory locations when setting array elements, causing it to confuse different data types. This can allow attackers to run malicious code on your computer.
Technical detail
IonMonkey JIT compiler exhibits incorrect alias analysis (CWE-843) during array element writes, leading to type confusion that permits memory corruption. The vulnerability is exploitable through malicious JavaScript in web content without user interaction beyond visiting a compromised page; successful exploitation enables arbitrary code execution with the privileges of the Firefox process.
Summary generated and translated by AI from the official description.
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
public PoCs found — 4
githubgithub.com/maxpl0it/CVE-2019-17026-Exploit★ 47githubgithub.com/lsw29475/CVE-2019-17026★ 3cve_referencepacketstormsecurity.com/files/162568/Firefox-72-IonMonkey-JIT-Type-Confusion.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49864unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/162568/Firefox-72-IonMonkey-JIT-Type-Confusion.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1607443https://security.gentoo.org/glsa/202003-02https://usn.ubuntu.com/4335-1/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17026https://www.mozilla.org/security/advisories/mfsa2020-03/https://www.mozilla.org/security/advisories/mfsa2020-04/