CVE-2020-15669
01.10.2020, 19:15
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.12 and Thunderbird < 68.12.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 𝑥 < 68.12 |
| mozilla | thunderbird | 𝑥 < 68.12 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox-esr |
| ||||||||||||
| thunderbird |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox-esr |
| ||||||||||||||||||||
| thunderbird |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MozillaThunderbird |
| ||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-common |
| ||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-other |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References