Threat Landscape Dashboard

Assessing today's threats and the relationships between them


A remote code execution vulnerability has been discovered in Mozilla Firefox. The flaw affects Firefox prior to 67.0.4 and Firefox ESR prior to 60.7.2. The defect is due to how parameters passed with the Prompt:Open IPC message are vetted. Successful exploitation could allow an attacker to escape from the Firefox protected process and execute arbitrary code. The vulnerability is actively being exploited in the wild.
Name Modified Date Sources
CVE-2019-11708 2019-06-24