---

CVE-2020-12406 - log back

CVE-2020-12406 edited at 05 Jun 2020 13:54:14

Description

- Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. + Mozilla Developer Iain Ireland discovered a missing type check in Firefox before 77.0 and Thunderbird before 68.9.0 during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.

CVE-2020-12406 edited at 02 Jun 2020 21:26:45
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/ + https://bugzilla.mozilla.org/show_bug.cgi?id=1639590
Notes

CVE-2020-12406 created at 02 Jun 2020 21:22:07