ZDI-23-1467: Mozilla Firefox JIT Boolean Conversion Uninitialized Variable Remote Code Execution Vulnerability

Sept. 27, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

arbitrary code attackers code code execution conversion exploit file firefox jit malicious mozilla mozilla firefox page remote code remote code execution target variable vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-557: Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-556: Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +16

ZDI-24-555: Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 2 days ago | www.zerodayinitiative.com

attackers cvss disclosure exploit +16

ZDI-24-529: (Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability 2 days ago | www.zerodayinitiative.com

attacker attackers code cves +22

ZDI-24-528: (Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability 2 days ago | www.zerodayinitiative.com

attacker attackers code cvss +21

ZDI-24-527: (Pwn2Own) [Collision] VMWare Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability 2 days ago | www.zerodayinitiative.com

attacker attackers code collision +24

ZDI-24-554: Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-553: Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com

arbitrary code attackers code code execution +15

ZDI-24-552: Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability 2 days ago | www.zerodayinitiative.com

attackers cvss disclosure exploit +15

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com

all InfoSec news

ZDI-23-1467: Mozilla Firefox JIT Boolean Conversion Uninitialized Variable Remote Code Execution Vulnerability

More from www.zerodayinitiative.com / ZDI: Published Advisories

Jobs in InfoSec / Cybersecurity

CyberSOC Technical Lead

Cyber Security Strategy Consultant

Cyber Security Senior Consultant

Sr. Product Manager

Corporate Intern - Information Security (Year Round)

Senior Offensive Security Engineer