PT-2020-6716 · Mozilla+6 · Firefox+6

Ronald Crane

·

Published

2020-06-30

·

Updated

2024-12-12

·

CVE-2020-12422

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 78
Description The issue arises in non-standard configurations where a JPEG image created by JavaScript can cause an internal variable to overflow. This overflow results in an out of bounds write, leading to memory corruption and a potentially exploitable crash. The vulnerability is related to the nsJPEGEncoder::emptyOutputBuffer() function, which is associated with reading and writing data beyond buffer boundaries in memory. Exploitation of this issue could allow a remote attacker to execute arbitrary code.
Recommendations For Firefox versions prior to 78, update to version 78 or later to resolve the issue. As a temporary workaround, consider restricting the use of JavaScript-created JPEG images until a patch is applied. Avoid using the nsJPEGEncoder::emptyOutputBuffer() function in affected configurations to minimize the risk of exploitation.

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALT-PU-2020-2309
ALT-PU-2020-2408
ALT-PU-2020-2709
ALT-PU-2020-2933
ALT-PU-2020-2934
ALT-PU-2020-3442
ALT-PU-2021-1368
ALT-PU-2021-1369
ALT-PU-2021-3368
BDU:2022-05739
CESA-2020_3557
CVE-2020-12422
MGASA-2020-0378
OPENSUSE-SU-2020:0983-1
OPENSUSE-SU-2020:1017-1
OPENSUSE-SU-2020_0983-1
OPENSUSE-SU-2020_1017-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:14572-1
RHSA-2020:3555
RHSA-2020:3557
RHSA-2020:3559
RHSA-2020:4080
RHSA-2020_3557
RHSA-2020_4080
SUSE-SU-2020:14421-1
SUSE-SU-2020:1898-1
SUSE-SU-2020:1899-1
USN-4408-1

Affected Products

Alt Linux
Centos
Firefox
Linuxmint
Red Hat
Suse
Ubuntu