CVE-2019-9792
CRITICALThunderbird <60.6, Firefox ESR <60.6, Firefox <66 - Memory Corruption
Title source: llmDescription
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Google Security Research · textdosmultiple
https://www.exploit-db.com/exploits/46939
References (7)
Scores
CVSS v3
9.8
EPSS
0.1887
EPSS Percentile
95.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (10)
mozilla/firefox
< 60.6.0
mozilla/thunderbird
< 60.6.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux_eus
8.1
redhat/enterprise_linux_eus
8.2
redhat/enterprise_linux_eus
8.4
redhat/enterprise_linux_server_aus
8.2
redhat/enterprise_linux_server_aus
8.4
redhat/enterprise_linux_server_tus
8.2
redhat/enterprise_linux_server_tus
8.4
Published
Apr 26, 2019
Tracked Since
Feb 18, 2026