PT-2020-19247 · Mozilla+5 · Firefox+7

Christian Holler

+1

·

Published

2020-04-07

·

Updated

2024-12-12

·

CVE-2020-6825

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 75 Firefox ESR versions prior to 68.7 Thunderbird versions prior to 68.7.0
Description The issue is related to memory safety bugs, which have been identified in certain versions of Firefox and Thunderbird. These bugs have shown evidence of memory corruption, and it is presumed that they could be exploited to run arbitrary code with sufficient effort.
Recommendations For Firefox versions prior to 75, update to version 75 or later. For Firefox ESR versions prior to 68.7, update to version 68.7 or later. For Thunderbird versions prior to 68.7.0, update to version 68.7.0 or later.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2020-1692
ALT-PU-2020-1699
ALT-PU-2020-1701
ALT-PU-2020-1756
ALT-PU-2020-1760
ALT-PU-2020-2408
ALT-PU-2020-2933
ALT-PU-2020-3442
ALT-PU-2021-1368
ALT-PU-2021-3368
CESA-2020_1406
CESA-2020_1429
CESA-2020_1488
CESA-2020_1489
CESA-2020_1495
CVE-2020-6825
DLA-2170-1
DLA-2172-1
DSA-4655-1
DSA-4656-1
MGASA-2020-0163
MGASA-2020-0170
OPENSUSE-SU-2020:0493-1
OPENSUSE-SU-2020:0520-1
OPENSUSE-SU-2020:0544-1
OPENSUSE-SU-2020_0493-1
OPENSUSE-SU-2020_0520-1
OPENSUSE-SU-2020_0544-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2020:1404
RHSA-2020:1406
RHSA-2020:1420
RHSA-2020:1429
RHSA-2020:1488
RHSA-2020:1489
RHSA-2020:1495
RHSA-2020:1496
RHSA-2020_1406
RHSA-2020_1420
RHSA-2020_1429
RHSA-2020_1488
RHSA-2020_1489
RHSA-2020_1495
SUSE-SU-2020:0971-1
SUSE-SU-2020:0978-1
SUSE-SU-2020:1027-1
SUSE-SU-2020:14339-1
USN-4323-1
USN-4328-1
USN-4335-1

Affected Products

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu