CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26972
https://notcve.org/view.php?id=CVE-2020-26972
The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84. El ciclo de vida de IPC Actors, permite a actores administrados sobrevivir a sus actores administradores; y los primeros deben asegurarse de que no están intentando usar a un actor eliminado al que presentan en una referencia. Esta comprobación se omitió en WebGL, resultando en un uso de la memoria previamente liberada y un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1671382 https://www.mozilla.org/security/advisories/mfsa2020-54 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26978 – Mozilla: Internal network hosts could have been probed by a malicious webpage
https://notcve.org/view.php?id=CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Usando técnicas que se basaron en la investigación de slipstream, una página web maliciosa podría haber expuesto tanto los hosts de una red interna como los servicios que se ejecutan en la máquina local del usuario. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84, Thunderbird versiones anteriores a 78,6 y Firefox ESR versiones anteriores a 78,6 The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. • https://bugzilla.mozilla.org/show_bug.cgi?id=1677047 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26978 https://bugzilla.redhat.com/show_bug.cgi?id=1908025 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-35113 – Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
https://notcve.org/view.php?id=CVE-2020-35113
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Los desarrolladores de Mozilla reportaron bugs de seguridad de la memoria presentes en Firefox versión 83 y Firefox versión ESR 78.5. Algunos de estos bugs mostraron evidencia de corrupción de la memoria y suponemos que con un suficiente esfuerzo algunos de ellos podrían haberse explotado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664831%2C1673589 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-35113 https://bugzilla.redhat.com/show_bug.cgi?id=1908029 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26974 – Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
https://notcve.org/view.php?id=CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Cuando flex-basis fue usada en un contenedor de tabla, un objeto StyleGenericFlexBasis podría haberse convertido incorrectamente en el tipo equivocado. Esto resultó en uso de la memoria previamente liberada de la pila, una corrupción de la memoria y un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1681022 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26974 https://bugzilla.redhat.com/show_bug.cgi?id=1908024 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26971 – Mozilla: Heap buffer overflow in WebGL
https://notcve.org/view.php?id=CVE-2020-26971
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Determinados valores de blit proporcionados por el usuario no se restringieron apropiadamente, conllevando a un desbordamiento del búfer de pila en algunos controladores de video. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84, Thunderbird versiones anteriores a 78,6 y Firefox ESR versiones anteriores a 78,6 The Mozilla Foundation Security Advisory describes this flaw as: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. • https://bugzilla.mozilla.org/show_bug.cgi?id=1663466 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26971 https://bugzilla.redhat.com/show_bug.cgi?id=1908022 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •