PT-2020-6728 · Mozilla+4 · Firefox For Android+7

Byron Campen

Published

2020-08-16

Updated

2024-12-12

CVE-2020-15670

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 80 Firefox ESR versions prior to 78.2 Thunderbird versions prior to 78.2 Firefox for Android versions prior to 80

Description The issue is related to memory safety bugs and buffer overflow in memory, which could potentially be exploited to run arbitrary code. This can be achieved by a remote attacker using a specially crafted web page.

Recommendations For Firefox versions prior to 80, update to version 80 or later. For Firefox ESR versions prior to 78.2, update to version 78.2 or later. For Thunderbird versions prior to 78.2, update to version 78.2 or later. For Firefox for Android versions prior to 80, update to version 80 or later.

Exploit

Fix

Use After Free

Buffer Overflow

Race Condition

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-120CWE-362CWE-617CWE-119

Related Identifiers

ALT-PU-2020-2598

ALT-PU-2020-2706

ALT-PU-2020-2719

ALT-PU-2020-2722

ALT-PU-2020-2933

ALT-PU-2020-2934

ALT-PU-2020-3442

ALT-PU-2021-1368

ALT-PU-2021-1369

ALT-PU-2021-3368

BDU:2022-05804

CVE-2020-15670

OESA-2023-1673

OESA-2023-1674

OPENSUSE-SU-2020:1384-1

OPENSUSE-SU-2020:1391-1

OPENSUSE-SU-2020_1384-1

OPENSUSE-SU-2020_1391-1

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

SUSE-SU-2020:14489-1

SUSE-SU-2020:2544-1

SUSE-SU-2020:2563-1

SUSE-SU-2020:2749-1

USN-4474-1

USN-4474-2

Affected Products

Alt Linux

Firefox

Firefox Esr

Firefox For Android

Linuxmint

Suse

Thunderbird

Ubuntu

PT-2020-6728 · Mozilla+4 · Firefox For Android+7

CVE-2020-15670

Weakness Enumeration

Related Identifiers

Affected Products

References · 2220