CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15646 – Mozilla: Automatic account setup leaks Microsoft Exchange login credentials
https://notcve.org/view.php?id=CVE-2020-15646
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This vulnerability affects Thunderbird < 68.10.0. Si un atacante intercepta el intento inicial de Thunderbird de llevar a cabo los ajustes automáticos de la cuenta mediante el mecanismo de detección automática de Microsoft Exchange, y el atacante envía una respuesta diseñada, entonces Thunderbird envía el nombre de usuario y contraseña por medio de https hacia un servidor controlado por el atacante. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.10.0 • https://bugzilla.mozilla.org/show_bug.cgi?id=1606610 https://www.mozilla.org/security/advisories/mfsa2020-26 https://access.redhat.com/security/cve/CVE-2020-15646 https://bugzilla.redhat.com/show_bug.cgi?id=1854036 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-15663
https://notcve.org/view.php?id=CVE-2020-15663
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, and Firefox ESR < 78.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1643199 https://www.mozilla.org/security/advisories/mfsa2020-36 https://www.mozilla.org/security/advisories/mfsa2020-37 https://www.mozilla.org/security/advisories/mfsa2020-38 https://www.mozilla.org/security/advisories/mfsa2020-40 https://www.mozilla.org/security/advisories/mfsa2020-41 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-15670
https://notcve.org/view.php?id=CVE-2020-15670
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80. Los desarrolladores de Mozilla reportaron de unos bugs de seguridad de la memoria presentes en Firefox para Android versión 79. Algunos de estos bugs han mostrado evidencia de corrupción de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1651001%2C1653626%2C1656957 https://www.mozilla.org/security/advisories/mfsa2020-36 https://www.mozilla.org/security/advisories/mfsa2020-38 https://www.mozilla.org/security/advisories/mfsa2020-39 https://www.mozilla.org/security/advisories/mfsa2020-41 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free CWE-617: Reachable Assertion •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-15678 – Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario
https://notcve.org/view.php?id=CVE-2020-15678
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3. Al volver a recorrer las capas gráficas mientras se desplaza, es posible que un iterador pueda convertirse en no válido, resultando en un potencial uso de la memoria previamente liberada. Esto ocurre porque la función APZCTreeManager::ComputeClippedCompositionBounds no siguió las reglas de invalidación del iterador. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html https://bugzilla.mozilla.org/show_bug.cgi?id=1660211 https://lists.debian.org/debian-lts-announce/2020/10/msg00020.html https://security.gentoo.org/glsa/202010-02 https://www.debian.org/security/2020/dsa-4770 https://www.mozilla.org/security/advisories/mfsa2020-42 https://www.mozilla.org/security/advisories/mfsa2020-43 https://www.mozil • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2020-15677 – Mozilla: Download origin spoofing via redirect
https://notcve.org/view.php?id=CVE-2020-15677
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3. Al explotar una vulnerabilidad de Redireccionamiento Abierto en un sitio web, un atacante podría haber falsificado el sitio que es mostrado en el cuadro de diálogo del archivo de descarga para mostrar el sitio original (el que sufre el redireccionamiento abierto) en lugar del sitio del que se descargó el archivo realmente. Esta vulnerabilidad afecta a Firefox versiones anteriores a 81, Thunderbird versiones anteriores a 78.3, y Firefox ESR versiones anteriores a 78.3 The Mozilla Foundation Security Advisory describes this flaw as: By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html https://bugzilla.mozilla.org/show_bug.cgi?id=1641487 https://lists.debian.org/debian-lts-announce/2020/10/msg00020.html https://security.gentoo.org/glsa/202010-02 https://www.debian.org/security/2020/dsa-4770 https://www.mozilla.org/security/advisories/mfsa2020-42 https://www.mozilla.org/security/advisories/mfsa2020-43 https://www.mozil • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •