N/A

The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.

N/A

N/A

Mozilla Firefox和Firefox ESR 缓冲区错误漏洞

Mozilla Firefox和Mozilla Firefox ESR都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。 Mozilla Firefox 66之前版本和Firefox ESR 60.6之前版本中存在缓冲区错误漏洞。远程攻击者可通过诱使用户访问特制的网站利用该漏洞造成拒绝服务（内存损坏和崩溃）。

N/A

N/A