Rewterz Threat Advisory – Multiple Mozilla Thunderbird Vulnerabilities
May 6, 2020Rewterz Threat Advisory – CVE-2020-12114 – Linux Kernel Denial of Service Vulnerability
May 6, 2020Severity
Medium
Analysis Summary
CVE-2020-12387
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash.
CVE-2020-12388, CVE-2020-12389
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.
CVE-2020-6831
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash.
CVE-2020-12390
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks.
CVE-2020-12391
Documents formed using data: URLs in an object element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin.
CVE-2020-12392
The ‘Copy as cURL’ feature of Devtools’ network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the ‘Copy as cURL’ feature and pasted the command into a terminal, it could have resulted in the disclosure of local files.
CVE-2020-12393
The ‘Copy as cURL’ feature of Devtools’ network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the ‘Copy as cURL’ feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.
CVE-2020-12394
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element.
CVE-2020-12395
Mozilla Firefox could allow a remote malicious user to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2020-12396
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run.
Impact
- Memory corruption
- Execution of arbitrary code
- URL Spoofing
- Disclosure of local files
- Incorrect security checks
- Buffer overflow
Affected Vendor
Mozilla
Affected Product
- Firefox ESR
- Mozilla Firefox
Remediation
Users are advised to update to the latest vesions of the affected products.
Mozilla Firefox ESR 68.8.
Mozilla Firefox 76.