CVE-2019-9810

Summary

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 66.0.1affected
MozillaFirefox ESRunspecified < 60.6.1affected
MozillaThunderbirdunspecified < 60.6.1affected

Weaknesses

  • IonMonkey MArraySlice has incorrect alias information

ADP Enrichment

CVE Program Container

Additional References

References