Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2020-12418 - CERT CVE
CVE-2020-12418
ID
CVE-2020-12418
Sažetak
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
Reference
https://www.mozilla.org/security/advisories/mfsa2020-24/
https://www.mozilla.org/security/advisories/mfsa2020-25/
https://bugzilla.mozilla.org/show_bug.cgi?id=1641303
https://www.mozilla.org/security/advisories/mfsa2020-26/
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.html
https://usn.ubuntu.com/4421-1/
https://security.gentoo.org/glsa/202007-10
https://security.gentoo.org/glsa/202007-09
CVSS
Base:
4.3
Impact:
2.9
Exploitability:
8.6
Pristup
Vektor
Složenost
Autentikacija
NETWORK
MEDIUM
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
NONE
NONE
CVSS vektor
AV:N/AC:M/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje
27-01-2023 - 16:57
Objavljeno
09-07-2020 - 15:15
