ASA-2019-00430 – Mozilla Firefox and Thunderbird: Sandbox escape via installation of malicious language pack

As part of his winning Pwn2Own entry, Niklas Baumstark demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation.