Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-12405

Опубликовано: 02 июн. 2020
Источник: redhat
CVSS3: 5.3
EPSS Низкий

Описание

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

The Mozilla Foundation Security Advisory describes this flaw as: When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5firefoxOut of support scope
Red Hat Enterprise Linux 5thunderbirdOut of support scope
Red Hat Enterprise Linux 6firefoxFixedRHSA-2020:237803.06.2020
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2020:261319.06.2020
Red Hat Enterprise Linux 7firefoxFixedRHSA-2020:238103.06.2020
Red Hat Enterprise Linux 7thunderbirdFixedRHSA-2020:261522.06.2020
Red Hat Enterprise Linux 8firefoxFixedRHSA-2020:237903.06.2020
Red Hat Enterprise Linux 8thunderbirdFixedRHSA-2020:261422.06.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsfirefoxFixedRHSA-2020:238203.06.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsthunderbirdFixedRHSA-2020:261619.06.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1843313Mozilla: Use-after-free in SharedWorkerService

EPSS

Процентиль: 71%
0.00664
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-12405

CVSS3: 5.3
ubuntu
больше 5 лет назад

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

nvd логотип

CVE-2020-12405

CVSS3: 5.3
nvd
больше 5 лет назад

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

debian логотип

CVE-2020-12405

CVSS3: 5.3
debian
больше 5 лет назад

When browsing a malicious page, a race condition in our SharedWorkerSe ...

github логотип

GHSA-7768-mfm4-9cmv

CVSS3: 5.3
github
больше 3 лет назад

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

fstec логотип

BDU:2021-02028

CVSS3: 5.9
fstec
больше 5 лет назад

Уязвимость компонента SharedWorkerService браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 71%
0.00664
Низкий

5.3 Medium

CVSS3