CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15664 – Mozilla: Attacker-induced prompt for extension installation
https://notcve.org/view.php?id=CVE-2020-15664
By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, Firefox ESR < 78.2, and Firefox for Android < 80. Al mantener una referencia a la función eval() desde una ventana about:blank, una página web maliciosa podría haber conseguido acceso al objeto InstallTrigger, lo que le permitiría solicitar al usuario que instale una extensión. Combinado con la confusión del usuario, esto podría resultar en la instalación de una extensión maliciosa o involuntaria. • https://bugzilla.mozilla.org/show_bug.cgi?id=1658214 https://www.mozilla.org/security/advisories/mfsa2020-36 https://www.mozilla.org/security/advisories/mfsa2020-37 https://www.mozilla.org/security/advisories/mfsa2020-38 https://www.mozilla.org/security/advisories/mfsa2020-39 https://www.mozilla.org/security/advisories/mfsa2020-40 https://www.mozilla.org/security/advisories/mfsa2020-41 https://access.redhat.com/security/cve/CVE-2020-15664 https://bugzilla.redhat.com/show_bug.cgi?id=1872 • CWE-648: Incorrect Use of Privileged APIs CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-15648 – Mozilla: X-Frame-Options bypass using object or embed tags
https://notcve.org/view.php?id=CVE-2020-15648
Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2. Usando objetos o etiquetas insertadas, fue posible enmarcar otros sitios web, incluso si no permitían el encuadre usando el encabezado X-Frame-Options. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 78 y Firefox versiones anteriores a 78.0.2 • https://bugzilla.mozilla.org/show_bug.cgi?id=1644076 https://www.mozilla.org/security/advisories/mfsa2020-28 https://www.mozilla.org/security/advisories/mfsa2020-29 https://access.redhat.com/security/cve/CVE-2020-15648 https://bugzilla.redhat.com/show_bug.cgi?id=1872537 • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-15657
https://notcve.org/view.php?id=CVE-2020-15657
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html https://bugzilla.mozilla.org/show_bug.cgi?id=1644954 https://www.mozilla.org/security/advisories/mfsa2020-30 https://www.mozilla.org/security/advisories/mfsa2020-32 https://www.mozilla.org/security/advisories/mfsa2020-33 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15658 – Mozilla: Overriding file type when saving to disk
https://notcve.org/view.php?id=CVE-2020-15658
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. El código para descargar archivos no toma cuidado apropiadamente de los caracteres especiales, lo que conllevaba a que un atacante sea capaz de cortar el archivo que terminaba en una posición anterior, conllevando a que sea descargado un tipo de archivo diferente al mostrado en el cuadro de diálogo. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 78.1, Firefox versiones anteriores a 79 y Thunderbird versiones anteriores a 78.1 • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html https://bugzilla.mozilla.org/show_bug.cgi?id=1637745 https://usn.ubuntu.com/4443-1 https://www.mozilla.org/security/advisories/mfsa2020-30 https://www.mozilla.org/security/advisories/mfsa2020-32 https://www.mozilla.org/security/advisories/mfsa2020-33 https://access.redhat.com/security/cve/CVE-2020-15658 https://bugzilla.redhat.com/show_bug.cgi?id=1861647 • CWE-138: Improper Neutralization of Special Elements CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15654 – Mozilla: Custom cursor can overlay user interface
https://notcve.org/view.php?id=CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. Cuando en un bucle infinito, un sitio web que especifica un cursor personalizado usando CSS podría hacer que parezca que el usuario está interactuando con la interfaz de usuario, cuando no es así. Esto podría conllevar a un estado roto percibido, especialmente cuando las interacciones con los diálogos y advertencias del navegador existentes no funcionan. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html https://bugzilla.mozilla.org/show_bug.cgi?id=1648333 https://usn.ubuntu.com/4443-1 https://www.mozilla.org/security/advisories/mfsa2020-30 https://www.mozilla.org/security/advisories/mfsa2020-32 https://www.mozilla.org/security/advisories/mfsa2020-33 https://access.redhat.com/security/cve/CVE-2020-15654 https://bugzilla.redhat.com/show_bug.cgi?id=1861649 • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •