Уязвимость повреждения памяти в Firefox и Thunderbird, приводящая к возможности выполнения произвольного кода
Описание
Разработчики Mozilla обнаружили ряд проблем с безопасностью памяти в Firefox 82 и Firefox ESR 78.4. Некоторые из этих проблем показывают признаки повреждения памяти, и предполагается, что при достаточных усилиях они могут быть использованы для выполнения произвольного кода.
Затронутые версии ПО
- Firefox < 83
- Firefox ESR < 78.5
- Thunderbird < 78.5
Тип уязвимости
- Повреждение памяти
- Выполнение произвольного кода
Ссылки
- Broken Link
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Mozilla developers reported memory safety bugs present in Firefox 82 a ...
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
EPSS
8.8 High
CVSS3
9.3 Critical
CVSS2