CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26974 – Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
https://notcve.org/view.php?id=CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Cuando flex-basis fue usada en un contenedor de tabla, un objeto StyleGenericFlexBasis podría haberse convertido incorrectamente en el tipo equivocado. Esto resultó en uso de la memoria previamente liberada de la pila, una corrupción de la memoria y un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1681022 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26974 https://bugzilla.redhat.com/show_bug.cgi?id=1908024 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26978 – Mozilla: Internal network hosts could have been probed by a malicious webpage
https://notcve.org/view.php?id=CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Usando técnicas que se basaron en la investigación de slipstream, una página web maliciosa podría haber expuesto tanto los hosts de una red interna como los servicios que se ejecutan en la máquina local del usuario. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84, Thunderbird versiones anteriores a 78,6 y Firefox ESR versiones anteriores a 78,6 The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. • https://bugzilla.mozilla.org/show_bug.cgi?id=1677047 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26978 https://bugzilla.redhat.com/show_bug.cgi?id=1908025 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-26966
https://notcve.org/view.php?id=CVE-2020-26966
Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. Una búsqueda de una sola palabra en la barra de direcciones causó que se enviara una petición mDNS en la red local buscando un nombre de host que constara de esa cadena; resultando en una filtración de información. • https://bugzilla.mozilla.org/show_bug.cgi?id=1663571 https://www.mozilla.org/security/advisories/mfsa2020-50 https://www.mozilla.org/security/advisories/mfsa2020-51 https://www.mozilla.org/security/advisories/mfsa2020-52 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26970 – Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes
https://notcve.org/view.php?id=CVE-2020-26970
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1. Cuando se leen los códigos de estado del servidor SMTP, Thunderbird escribe un valor entero hacia una posición en la pila que debe contener solo un byte. Dependiendo de la arquitectura del procesador y el diseño de la pila, esto conlleva a una corrupción de la pila que puede ser explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1677338 https://www.mozilla.org/security/advisories/mfsa2020-53 https://access.redhat.com/security/cve/CVE-2020-26970 https://bugzilla.redhat.com/show_bug.cgi?id=1903443 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26953 – Mozilla: Fullscreen could be enabled without displaying the security UI
https://notcve.org/view.php?id=CVE-2020-26953
It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. Fue posible causar que el navegador entre en modo de pantalla completa sin mostrar la interfaz de seguridad, lo que permite intentar un ataque de phishing o confundir de alguna manera al usuario. Esta vulnerabilidad afecta a Firefox versiones anteriores a 83, Firefox ESR versiones anteriores a 78.5, y Thunderbird versiones anteriores a 78.5 • https://bugzilla.mozilla.org/show_bug.cgi?id=1656741 https://www.mozilla.org/security/advisories/mfsa2020-50 https://www.mozilla.org/security/advisories/mfsa2020-51 https://www.mozilla.org/security/advisories/mfsa2020-52 https://access.redhat.com/security/cve/CVE-2020-26953 https://bugzilla.redhat.com/show_bug.cgi?id=1898733 • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-1021: Improper Restriction of Rendered UI Layers or Frames •