correction releases of Firefox 67.0.3 and 60.7.1, which fixed a critical (CVE-2019-11707) to crash the browser when executing malicious JavaScript code. The vulnerability is caused by a type handling issue in the Array.pop method. Access to detailed information . It is also not clear whether the problem is limited to the reported crash or could potentially be used to orchestrate the execution of malicious code.
Addition: By The US Cybersecurity and Infrastructure Security Agency (CISA) vulnerability allows an attacker to take control of a system and execute code with browser privileges. Moreover, the facts of attacks using this vulnerability have already been recorded. All users are advised to urgently install the released update.
Source: opennet.ru