9.3
CVE-2020-15659
- EPSS 0.93%
- Veröffentlicht 10.08.2020 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:05:57
- Quelle security@mozilla.org
- Teams Watchlist Login
- Unerledigt Login
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Firefox ESR Version < 68.11
Mozilla ≫ Firefox ESR Version >= 78.0 < 78.1.0
Mozilla ≫ Thunderbird Version < 68.11
Mozilla ≫ Thunderbird Version >= 78.0.1 < 78.1.0
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.93% | 0.754 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.