PT-2020-6730 · Mozilla+6 · Firefox+8
Icewall
+1
·
Published
2020-06-30
·
Updated
2024-12-12
·
CVE-2020-12418
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 78
Mozilla Firefox ESR versions prior to 68.10
Thunderbird versions prior to 68.10.0
Description
The issue is related to an out-of-bounds read in memory, allowing an attacker to potentially access protected information. This can be achieved through a specially crafted web page, which could cause the browser to leak process memory to malicious JavaScript. Manipulating individual parts of a URL object could also lead to this out-of-bounds read.
Recommendations
For Mozilla Firefox versions prior to 78, update to version 78 or later to resolve the issue.
For Mozilla Firefox ESR versions prior to 68.10, update to version 68.10 or later to resolve the issue.
For Thunderbird versions prior to 68.10.0, update to version 68.10.0 or later to resolve the issue.
Exploit
Fix
Out of bounds Read
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Centos
Linuxmint
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu