CVE-2020-35113 log

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
Mozilla developer Christian Holler reported memory safety bugs present in Firefox 83, Firefox ESR 78.5 and Thunderbird 78.5. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-1362 firefox 83.0-2 84.0-1 High Fixed
AVG-1315 thunderbird 78.5.0-1 78.6.0-1 High Fixed FS#68853
Date Advisory Group Package Severity Type
16 Dec 2020 ASA-202012-25 AVG-1362 firefox High multiple issues
16 Dec 2020 ASA-202012-23 AVG-1315 thunderbird High multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35113
https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35113
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664831%2C1673589