mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 22:53:11 +00:00
1.1 KiB
1.1 KiB
CVE-2019-11752
Description
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
POC
Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=1501152
- https://www.mozilla.org/security/advisories/mfsa2019-29/
Github
No PoCs found on GitHub currently.