PT-2020-6723 · Mozilla+6 · Firefox+8

Christian Holler

Published

2020-10-20

Updated

2024-12-12

CVE-2020-15683

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 82 Firefox ESR versions prior to 78.4 Thunderbird versions prior to 78.4

Description The issue is related to a buffer overflow due to insufficient input validation, potentially allowing a remote attacker to execute arbitrary code using a specially crafted web page. Memory safety bugs have been reported in Firefox and Firefox ESR, showing evidence of memory corruption, which could be exploited to run arbitrary code with sufficient effort.

Recommendations For Firefox versions prior to 82, update to version 82 or later to resolve the issue. For Firefox ESR versions prior to 78.4, update to version 78.4 or later to resolve the issue. For Thunderbird versions prior to 78.4, update to version 78.4 or later to resolve the issue.

Exploit

Fix

Buffer Overflow

Use After Free

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-416CWE-787

Related Identifiers

ALT-PU-2020-3115

ALT-PU-2020-3118

ALT-PU-2020-3120

ALT-PU-2020-3134

ALT-PU-2020-3143

ALT-PU-2021-1152

ALT-PU-2021-1368

ALT-PU-2021-1369

ALT-PU-2021-2725

ALT-PU-2021-2881

ALT-PU-2021-3368

ALT-PU-2021-3369

ALT-PU-2022-1781

BDU:2022-05797

CESA-2020_4310

CESA-2020_4317

CESA-2020_4330

CESA-2020_4909

CESA-2020_4913

CESA-2020_4947

CVE-2020-15683

DLA-2411-1

DLA-2416-1

DSA-4778-1

DSA-4780-1

MGASA-2020-0395

MGASA-2020-0396

OESA-2023-1673

OESA-2023-1674

OPENSUSE-SU-2020:1732-1

OPENSUSE-SU-2020:1748-1

OPENSUSE-SU-2020:1780-1

OPENSUSE-SU-2020:1785-1

OPENSUSE-SU-2020_1732-1

OPENSUSE-SU-2020_1748-1

OPENSUSE-SU-2020_1780-1

OPENSUSE-SU-2020_1785-1

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:10601-1

OPENSUSE-SU-2024:14572-1

RHSA-2020:4310

RHSA-2020:4311

RHSA-2020:4315

RHSA-2020:4317

RHSA-2020:4330

RHSA-2020:4909

RHSA-2020:4913

RHSA-2020:4944

RHSA-2020:4945

RHSA-2020:4947

RHSA-2020:4948

RHSA-2020_4310

RHSA-2020_4317

RHSA-2020_4330

RHSA-2020_4909

RHSA-2020_4913

RHSA-2020_4947

SUSE-SU-2020:14522-1

SUSE-SU-2020:3021-1

SUSE-SU-2020:3022-1

SUSE-SU-2020:3053-1

SUSE-SU-2020:3091-1

SUSE-SU-2020_14522-1

SUSE-SU-2020_3021-1

SUSE-SU-2020_3022-1

SUSE-SU-2020_3053-1

USN-4599-1

USN-4599-2

USN-4599-3

USN-4647-1

Affected Products

Alt Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Suse

Thunderbird

Ubuntu

PT-2020-6723 · Mozilla+6 · Firefox+8

CVE-2020-15683

Weakness Enumeration

Related Identifiers

Affected Products

References · 2348