mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-25 00:14:09 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2019-9816
Description
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
POC
Reference
No PoCs from references.
Github
- https://github.com/5211-yx/javascript_fuzzer
- https://github.com/RUB-SysSec/JIT-Picker
- https://github.com/TimerIzaya/fuzzilli-plus
- https://github.com/TimerIzaya/izayailli
- https://github.com/googleprojectzero/fuzzilli
- https://github.com/prosyslab/turbotv-fuzzilli
- https://github.com/zhangjiahui-buaa/MasterThesis