PT-2020-16580 · Microsoft+3 · Windows+5

Tiebuchen

Published

2020-11-17

Updated

2024-12-12

CVE-2020-26966

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 83 Firefox ESR versions prior to 78.5 Thunderbird versions prior to 78.5

Description Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string, resulting in an information leak. This issue only affected Windows operating systems, while other operating systems are unaffected.

Recommendations For Firefox versions prior to 83, update to version 83 or later. For Firefox ESR versions prior to 78.5, update to version 78.5 or later. For Thunderbird versions prior to 78.5, update to version 78.5 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2020-3340

ALT-PU-2020-3379

ALT-PU-2020-3384

ALT-PU-2020-3386

ALT-PU-2020-3424

ALT-PU-2021-1368

ALT-PU-2021-1369

ALT-PU-2021-3368

CVE-2020-26966

OPENSUSE-SU-2020:2020-1

OPENSUSE-SU-2020:2031-1

OPENSUSE-SU-2020:2096-1

OPENSUSE-SU-2020:2187-1

OPENSUSE-SU-2020:2315-1

OPENSUSE-SU-2020_2020-1

OPENSUSE-SU-2020_2031-1

OPENSUSE-SU-2020_2096-1

OPENSUSE-SU-2020_2187-1

OPENSUSE-SU-2020_2315-1

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:10601-1

OPENSUSE-SU-2024:14572-1

SUSE-SU-2020:14548-1

SUSE-SU-2020:3383-1

SUSE-SU-2020:3458-1

SUSE-SU-2020:3528-1

SUSE-SU-2020:3548-1

SUSE-SU-2020_14548-1

Affected Products

Alt Linux

Firefox

Firefox Esr

Suse

Thunderbird

Windows

PT-2020-16580 · Microsoft+3 · Windows+5

CVE-2020-26966

Related Identifiers

Affected Products

References · 2024