CVE-2020-6821
Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
Cuando se lee desde áreas parcial o completamente fuera del recurso fuente con el método <code>copyTexSubImage</code> de WebGL, la especificación requiere que los valores devueltos sean cero. Anteriormente, esta memoria no fue inicializada, conllevando a una divulgación de datos potencialmente confidenciales. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.7.0, Firefox ESR versiones anteriores a 68.7 y Firefox versiones anteriores a 75.
The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure.
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that extensions could obtain auth codes from OAuth login flows in some circumstances. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain access to the user's account. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-10 CVE Reserved
- 2020-04-08 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-908: Use of Uninitialized Resource
CAPEC
References (6)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://usn.ubuntu.com/4335-1 | 2021-07-21 | |
| https://www.mozilla.org/security/advisories/mfsa2020-12 | 2021-07-21 | |
| https://www.mozilla.org/security/advisories/mfsa2020-13 | 2021-07-21 | |
| https://www.mozilla.org/security/advisories/mfsa2020-14 | 2021-07-21 | |
| https://access.redhat.com/security/cve/CVE-2020-6821 | 2020-04-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1821674 | 2020-04-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | < 75.0 Search vendor "Mozilla" for product "Firefox" and version " < 75.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | < 68.7.0 Search vendor "Mozilla" for product "Firefox Esr" and version " < 68.7.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | < 68.7.0 Search vendor "Mozilla" for product "Thunderbird" and version " < 68.7.0" | - |
Affected
| ||||||