CVE-2020-6812 - log back

CVE-2020-6812 edited at 16 Mar 2020 11:32:06
Description
- An information disclosure issue has been found in Firefox before 74. The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'.
+ An information disclosure issue has been found in Firefox before 74 and Thunderbird before 68.6. The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'.
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6812
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6812
https://bugzilla.mozilla.org/show_bug.cgi?id=1616661
CVE-2020-6812 edited at 11 Mar 2020 10:29:12
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An information disclosure issue has been found in Firefox before 74. The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6812
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1616661
Notes
CVE-2020-6812 created at 11 Mar 2020 10:25:09