Vulnerability Database
296,746
Total vulnerabilities in the database
CVE-2019-9791
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | - | 66.0 |
| mozilla / firefox_esr | - | 60.6.0 |
| mozilla / thunderbird | - | 60.6.0 |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux_eus | 8.1 | 8.1.x |
| redhat / enterprise_linux_eus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_tus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_aus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_tus | 8.4 | 8.4.x |
| redhat / enterprise_linux_eus | 8.4 | 8.4.x |
| redhat / enterprise_linux_server_aus | 8.4 | 8.4.x |
- https://access.redhat.com/errata/RHSA-2019:0966
- https://access.redhat.com/errata/RHSA-2019:1144
- https://bugzilla.mozilla.org/show_bug.cgi?id=1530958
- https://www.mozilla.org/security/advisories/mfsa2019-07/
- https://www.mozilla.org/security/advisories/mfsa2019-08/
- https://www.mozilla.org/security/advisories/mfsa2019-11/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime