CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 1CVE-2020-12405 – Mozilla: Use-after-free in SharedWorkerService
https://notcve.org/view.php?id=CVE-2020-12405
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. Cuando se navega una página maliciosa, podría ocurrir una condición de carrera en nuestro SharedWorkerService y conllevar a un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.9.0, Firefox versiones anteriores a 77 y Firefox ESR versiones anteriores a 68.9 The Mozilla Foundation Security Advisory describes this flaw as: When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1631618 https://usn.ubuntu.com/4421-1 https://www.mozilla.org/security/advisories/mfsa2020-20 https://www.mozilla.org/security/advisories/mfsa2020-21 https://www.mozilla.org/security/advisories/mfsa2020-22 https://access.redhat.com/security/cve/CVE-2020-12405 https://bugzilla.redhat.com/show_bug.cgi?id=1843313 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-12393
https://notcve.org/view.php?id=CVE-2020-12393
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. La funcionalidad "Copy as cURL" de la pestaña de red de Devtools no escapa correctamente al método HTTP de una petición, que puede ser controlada por el sitio web. • https://bugzilla.mozilla.org/show_bug.cgi?id=1615471 https://www.mozilla.org/security/advisories/mfsa2020-16 https://www.mozilla.org/security/advisories/mfsa2020-17 https://www.mozilla.org/security/advisories/mfsa2020-18 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-12397 – Mozilla: Sender Email Address Spoofing using encoded Unicode characters
https://notcve.org/view.php?id=CVE-2020-12397
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. Al codificar caracteres de espacio en blanco Unicode dentro del encabezado del correo electrónico From, un atacante puede suplantar la dirección de correo electrónico del remitente que despliega Thunderbird. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.8.0. • https://bugzilla.mozilla.org/show_bug.cgi?id=1617370 https://security.gentoo.org/glsa/202005-03 https://usn.ubuntu.com/4373-1 https://www.mozilla.org/security/advisories/mfsa2020-18 https://access.redhat.com/security/cve/CVE-2020-12397 https://bugzilla.redhat.com/show_bug.cgi?id=1832565 • CWE-172: Encoding Error CWE-346: Origin Validation Error •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2020-12392 – Mozilla: Arbitrary local file access with 'Copy as cURL'
https://notcve.org/view.php?id=CVE-2020-12392
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. La funcionalidad "Copy as cURL" de la pestaña de red de Devtools no escapa apropiadamente los datos HTTP POST de una petición, que el sitio web puede controlar. Si un usuario usó la funcionalidad "Copy as cURL" y pegó el comando a un terminal, podría haber resultado en la divulgación de archivos locales. • https://bugzilla.mozilla.org/show_bug.cgi?id=1614468 https://security.gentoo.org/glsa/202005-03 https://security.gentoo.org/glsa/202005-04 https://usn.ubuntu.com/4373-1 https://www.mozilla.org/security/advisories/mfsa2020-16 https://www.mozilla.org/security/advisories/mfsa2020-17 https://www.mozilla.org/security/advisories/mfsa2020-18 https://access.redhat.com/security/cve/CVE-2020-12392 https://bugzilla.redhat.com/show_bug.cgi?id=1831764 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2020-12387 – Mozilla: Use-after-free during worker shutdown
https://notcve.org/view.php?id=CVE-2020-12387
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. Una condición de carrera cuando se ejecuta el código shutdown para Web Worker conllevo a una vulnerabilidad de uso de la memoria previamente liberada. Esto resultó en un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1545345 https://security.gentoo.org/glsa/202005-03 https://security.gentoo.org/glsa/202005-04 https://usn.ubuntu.com/4373-1 https://www.mozilla.org/security/advisories/mfsa2020-16 https://www.mozilla.org/security/advisories/mfsa2020-17 https://www.mozilla.org/security/advisories/mfsa2020-18 https://access.redhat.com/security/cve/CVE-2020-12387 https://bugzilla.redhat.com/show_bug.cgi?id=1831761 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •