CVE-2020-12395 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
Several memory safety bugs has been found in Firefox before 76.0, Firefox ESR before 68.8 and Thunderbird before 68.8.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-1155 thunderbird 68.7.0-2 68.8.0-1 Critical Fixed
AVG-1148 firefox 75.0-1 76.0-1 Critical Fixed
Date Advisory Group Package Severity Type
09 May 2020 ASA-202005-7 AVG-1155 thunderbird Critical multiple issues
06 May 2020 ASA-202005-3 AVG-1148 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12395
https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12395
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595886%2C1611482%2C1614704%2C1624098%2C1625749%2C1626382%2C1628076%2C1631508