CVE-2020-12395 - log back

CVE-2020-12395 edited at 09 May 2020 16:11:46
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12395
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12395
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595886%2C1611482%2C1614704%2C1624098%2C1625749%2C1626382%2C1628076%2C1631508
CVE-2020-12395 edited at 09 May 2020 16:11:30
Description
- Several memory safety bugs has been found in Firefox before 76.0 and Firefox ESR before 68.8. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code.
+ Several memory safety bugs has been found in Firefox before 76.0, Firefox ESR before 68.8 and Thunderbird before 68.8.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code.
CVE-2020-12395 edited at 06 May 2020 09:38:00
Description
- Mozilla developers and community members Alexandru Michis, Jason Kratzer, philipp, Ted Campbell, Bas Schouten, André Bargull, and Karl Tomlinson reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
+ Several memory safety bugs has been found in Firefox before 76.0 and Firefox ESR before 68.8. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12395
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595886%2C1611482%2C1614704%2C1624098%2C1625749%2C1626382%2C1628076%2C1631508
CVE-2020-12395 edited at 05 May 2020 17:18:55
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Mozilla developers and community members Alexandru Michis, Jason Kratzer, philipp, Ted Campbell, Bas Schouten, André Bargull, and Karl Tomlinson reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References
+ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1595886%2C1611482%2C1614704%2C1624098%2C1625749%2C1626382%2C1628076%2C1631508
Notes
CVE-2020-12395 created at 05 May 2020 17:16:55