Rewterz

Rewterz Threat Advisory – Microsoft Internet Explorer Security Bypass Vulnerability

April 2, 2019
Rewterz

Rewterz Threat Advisory – F5 BIG-IP APM / Edge Client Security Bypass Vulnerability

April 2, 2019

Rewterz Threat Advisory – CVE-2019-9810 & CVE-2019-9813 – Firefox System Access Vulnerabilities

Analysis Summary

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.

CVE-2019-9813

Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.

Impact

System access

Affected Vendors

RedHat

Affected Products

Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Desktop 7
Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux Workstation 7

Remediation

Updated patches are available via Red Hat network

http://rhn.redhat.com

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.