PT-2020-16587 · Mozilla+6 · Firefox+8
Pham Bao
·
Published
2020-12-15
·
Updated
2024-12-12
·
CVE-2020-26974
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 84
Thunderbird versions prior to 78.6
Firefox ESR versions prior to 78.6
Description
The issue arises when
flex-basis is used on a table wrapper, causing a StyleGenericFlexBasis object to be incorrectly cast to the wrong type. This results in a heap user-after-free, memory corruption, and a potentially exploitable crash.Recommendations
For Firefox versions prior to 84, update to version 84 or later.
For Thunderbird versions prior to 78.6, update to version 78.6 or later.
For Firefox ESR versions prior to 78.6, update to version 78.6 or later.
Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Suse
Thunderbird
Ubuntu