ALAS2-2019-1250 — Vulnetix

ALAS2-2019-1250 PUBLISHED

Affected Products

Vendor	Product	Versions
Amazon	thunderbird

Exploit Intelligence

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit. (github-poc-repo)
Exploit chain for CVE-2019-9791 & CVE-2019-11708 against firefox 65.0 on windows 64bit (github-poc-repo)
Proof of concept for CVE-2019-11707 (github-poc-repo)
Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit. (github-poc)
Proof of concept for CVE-2019-11707 (github-poc)
https://bugs.chromium.org/p/project-zero/issues/detail?id=1820 (github-poc)
Exploit code for CVE-2019-11707 on Firefox 66.0.3 running on Ubuntu (github-poc)
kev.json (github-poc)
data.js (github-poc)

Timeline

Jul 18, 2019 CVE Published

References

ALAS2-2019-1250: thunderbird (critical) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›