Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-26959

Опубликовано: 17 нояб. 2020
Источник: redhat
CVSS3: 8.8

Описание

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdFixedRHSA-2020:523830.11.2020
Red Hat Enterprise Linux 6firefoxFixedRHSA-2020:525730.11.2020
Red Hat Enterprise Linux 7thunderbirdFixedRHSA-2020:523530.11.2020
Red Hat Enterprise Linux 7firefoxFixedRHSA-2020:523930.11.2020
Red Hat Enterprise Linux 8thunderbirdFixedRHSA-2020:523630.11.2020
Red Hat Enterprise Linux 8firefoxFixedRHSA-2020:523730.11.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsthunderbirdFixedRHSA-2020:524030.11.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsfirefoxFixedRHSA-2020:531401.12.2020
Red Hat Enterprise Linux 8.1 Extended Update SupportthunderbirdFixedRHSA-2020:523130.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1898736Mozilla: Use-after-free in WebRequestService

8.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-26959

CVSS3: 8.8
ubuntu
около 5 лет назад

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

nvd логотип

CVE-2020-26959

CVSS3: 8.8
nvd
около 5 лет назад

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

debian логотип

CVE-2020-26959

CVSS3: 8.8
debian
около 5 лет назад

During browser shutdown, reference decrementing could have occured on ...

github логотип

GHSA-w4gq-6hmw-x862

github
больше 3 лет назад

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

fstec логотип

BDU:2020-05538

CVSS3: 6.1
fstec
около 5 лет назад

Уязвимость компонента WebRequestService веб-браузера Firefox и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

8.8 High

CVSS3