Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-12406: Security Vulnerabilities fixed in Firefox 77

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

CVE
#vulnerability#web#cisco#js#java#dell#firefox

Mozilla Foundation Security Advisory 2020-20

Announced

June 2, 2020

Impact

high

Products

Firefox

Fixed in

  • Firefox 77

#CVE-2020-12399: Timing attack on DSA signatures in NSS library

Reporter

Cesar Pereida Garcia and the Network and Information Security Group (NISEC) at Tampere University

Impact

high

Description

NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.

References

  • Bug 1631576

#CVE-2020-12405: Use-after-free in SharedWorkerService

Reporter

Marcin ‘Icewall’ Noga of Cisco Talos

Impact

high

Description

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash.

References

  • Bug 1631618

#CVE-2020-12406: JavaScript type confusion with NativeTypes

Reporter

Iain Ireland

Impact

high

Description

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.

References

  • Bug 1639590

#CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive

Reporter

Nicolas Silva

Impact

moderate

Description

Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content.

References

  • Bug 1637112

#CVE-2020-12408: URL spoofing when using IP addresses

Reporter

Rayyan Bijoora

Impact

low

Description

When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar.

References

  • Bug 1623888

#CVE-2020-12409: URL spoofing with unicode characters

Reporter

Rayyan Bijoora

Impact

low

Description

When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL.

References

  • Bug 1629506

#CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

Reporter

Mozilla developers

Impact

high

Description

Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

  • Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

#CVE-2020-12411: Memory safety bugs fixed in Firefox 77

Reporter

Mozilla developers

Impact

high

Description

Mozilla developers :Gijs (he/him), Randell Jesup reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

  • Memory safety bugs fixed in Firefox 77

Related news

RHSA-2020:3280: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-11756: nss: Use-after-free in sftk_FreeSession due to improper refcounting * CVE-2019-17006: nss: Check length of inputs for cryptographic primitives * CVE-2019-17023: nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state * CVE-2020-12399: nss: Timing attack on DSA signature generation * CVE-2020-12402: nss: Side channel v...

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907