Mozilla issues fix for two critical vulnerabilities

News by Bradley Barth

The Mozilla Foundation has issued a security update for its Thunderbird open-source email client, fixing two critical vulnerabilities involving its IonMonkey JavaScript JIT (just-in-time) compiler.

The Mozilla Foundation has issued a security update for its Thunderbird open-source email client, fixing two critical vulnerabilities involving its IonMonkey JavaScript JIT (just-in-time) compiler.

The first of the two flaws, CVE-2019-9810, consists of incorrect alias information when using the Array.prototype.slice method, which could result in a missing bound check and buffer overflow. The second issue, CVE-2019-9813, is described as the mishandling of __proto__ mutations of, which can lead to type confusion in IonMonkey JIT code, allowing for arbitrary memory read and write.

Researchers Richard Zhu and Amat Cama of Trend Micro’s Zero Day Initiative are credited with discovering the first vulnerability, while Niklas Baumstark, also with Trend Micro’s Zero Day Initiative, found the second problem.

In its security advisory, Mozilla notes that these flaws generally "cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts." Nevertheless, version 60.6.1 of Thunderbird officially fixes both issues.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event