This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mozilla First view 2019-04-26
Product Firefox Esr Last view 2020-05-26
Version 60.6 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:mozilla:firefox_esr

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2020-05-26 CVE-2020-6831

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

9.8 2020-05-26 CVE-2020-12395

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

7.8 2020-05-26 CVE-2020-12393

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

5.5 2020-05-26 CVE-2020-12392

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

10 2020-05-26 CVE-2020-12389

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

10 2020-05-26 CVE-2020-12388

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

8.1 2020-05-26 CVE-2020-12387

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

7.5 2020-04-24 CVE-2020-6828

A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.
*Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.

4.7 2020-04-24 CVE-2020-6827

When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI.
*Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.

9.8 2020-04-24 CVE-2020-6825

Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

8.8 2020-04-24 CVE-2020-6822

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

7.5 2020-04-24 CVE-2020-6821

When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

8.1 2020-04-24 CVE-2020-6820

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

8.1 2020-04-24 CVE-2020-6819

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

9.8 2020-03-25 CVE-2020-6814

Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

5.3 2020-03-25 CVE-2020-6812

The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

8.8 2020-03-25 CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

8.8 2020-03-25 CVE-2020-6807

When a device was changed while a stream was about to be destroyed, the stream-reinit task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

8.8 2020-03-25 CVE-2020-6806

By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

8.8 2020-03-25 CVE-2020-6805

When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

8.8 2020-03-02 CVE-2020-6800

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

8.8 2020-03-02 CVE-2020-6799

Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.

6.1 2020-03-02 CVE-2020-6798

If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

4.3 2020-03-02 CVE-2020-6797

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

8.8 2020-03-02 CVE-2020-6796

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.

CWE : Common Weakness Enumeration

%idName
17% (16) CWE-416 Use After Free
15% (14) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (14) CWE-20 Improper Input Validation
8% (8) CWE-200 Information Exposure
6% (6) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
6% (6) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (5) CWE-787 Out-of-bounds Write
4% (4) CWE-704 Incorrect Type Conversion or Cast
4% (4) CWE-362 Race Condition
2% (2) CWE-346 Origin Validation Error
2% (2) CWE-269 Improper Privilege Management
2% (2) CWE-125 Out-of-bounds Read
2% (2) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
1% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (1) CWE-665 Improper Initialization
1% (1) CWE-415 Double Free
1% (1) CWE-354 Improper Validation of Integrity Check Value
1% (1) CWE-352 Cross-Site Request Forgery (CSRF)
1% (1) CWE-276 Incorrect Default Permissions
1% (1) CWE-264 Permissions, Privileges, and Access Controls

Snort® IPS/IDS

Date Description
2020-05-07 Mozilla Firefox potential use after free attempt
RuleID : 53581 - Type : BROWSER-FIREFOX - Revision : 1
2020-05-07 Mozilla Firefox potential use after free attempt
RuleID : 53580 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14 IonMonkey MArraySlice buffer overflow attempt
RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14 IonMonkey MArraySlice buffer overflow attempt
RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14 Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 52425 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14 Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 52424 - Type : BROWSER-FIREFOX - Revision : 1
2019-08-13 Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50697 - Type : BROWSER-FIREFOX - Revision : 2
2019-08-13 Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50696 - Type : BROWSER-FIREFOX - Revision : 2
2019-07-31 Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50519 - Type : BROWSER-FIREFOX - Revision : 2
2019-07-31 Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50518 - Type : BROWSER-FIREFOX - Revision : 2
2018-11-08 Multiple browsers memory corruption attempt
RuleID : 48052 - Type : BROWSER-IE - Revision : 6
2018-11-08 Multiple browsers memory corruption attempt
RuleID : 48051 - Type : BROWSER-IE - Revision : 6