Vulnerability-Lookup

CVE-2020-6796 (GCVE-0-2020-6796)

Vulnerability from cvelistv5 – Published: 2020-03-02 04:05 – Updated: 2024-08-04 09:11

Summary

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Missing bounds check on shared memory read in the parent process

Assigner

mozilla

References

5 references

URL	Tags
https://www.mozilla.org/security/advisories/mfsa2…	x_refsource_MISC
https://www.mozilla.org/security/advisories/mfsa2…	x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1610426	x_refsource_MISC
https://usn.ubuntu.com/4278-2/	vendor-advisoryx_refsource_UBUNTU
https://security.gentoo.org/glsa/202003-02	vendor-advisoryx_refsource_GENTOO

Impacted products

1 product

Vendor	Product	Version
Mozilla	Firefox	Affected: unspecified , < 73 (custom) Affected: unspecified , < ESR68.5 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:11:05.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2020-05/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2020-06/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426"
          },
          {
            "name": "USN-4278-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4278-2/"
          },
          {
            "name": "GLSA-202003-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "73",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "ESR68.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Missing bounds check on shared memory read in the parent process",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-12T20:06:23.000Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.mozilla.org/security/advisories/mfsa2020-05/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.mozilla.org/security/advisories/mfsa2020-06/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426"
        },
        {
          "name": "USN-4278-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4278-2/"
        },
        {
          "name": "GLSA-202003-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2020-6796",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Firefox",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "ESR68.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mozilla"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Missing bounds check on shared memory read in the parent process"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.mozilla.org/security/advisories/mfsa2020-05/",
              "refsource": "MISC",
              "url": "https://www.mozilla.org/security/advisories/mfsa2020-05/"
            },
            {
              "name": "https://www.mozilla.org/security/advisories/mfsa2020-06/",
              "refsource": "MISC",
              "url": "https://www.mozilla.org/security/advisories/mfsa2020-06/"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426",
              "refsource": "MISC",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1610426"
            },
            {
              "name": "USN-4278-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4278-2/"
            },
            {
              "name": "GLSA-202003-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2020-6796",
    "datePublished": "2020-03-02T04:05:03.000Z",
    "dateReserved": "2020-01-10T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:11:05.019Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-6796",
      "date": "2026-06-10",
      "epss": "0.0065",
      "percentile": "0.71321"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"73.0\", \"matchCriteriaId\": \"D881BDA7-3601-4A45-991F-4B2B187A73D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"68.5.0\", \"matchCriteriaId\": \"17B5BB4D-FF9F-433C-A3AC-E4F34C3D75D9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.\"}, {\"lang\": \"es\", \"value\": \"Un procesamiento de contenido podr\\u00eda haber modificado una memoria compartida relacionada con la informaci\\u00f3n de los reportes de bloqueos de aplicaci\\u00f3n, el bloqueo en s\\u00ed mismo, y causar una escritura fuera de l\\u00edmites. Esto podr\\u00eda haber causado una corrupci\\u00f3n de memoria y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox versiones anteriores a 73 y Firefox versiones anteriores a ESR68.5.\"}]",
      "id": "CVE-2020-6796",
      "lastModified": "2024-11-21T05:36:11.937",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-03-02T05:15:13.183",
      "references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1610426\", \"source\": \"security@mozilla.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-02\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://usn.ubuntu.com/4278-2/\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2020-05/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2020-06/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1610426\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202003-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/4278-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2020-05/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2020-06/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@mozilla.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-6796\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2020-03-02T05:15:13.183\",\"lastModified\":\"2024-11-21T05:36:11.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.\"},{\"lang\":\"es\",\"value\":\"Un procesamiento de contenido podr\u00eda haber modificado una memoria compartida relacionada con la informaci\u00f3n de los reportes de bloqueos de aplicaci\u00f3n, el bloqueo en s\u00ed mismo, y causar una escritura fuera de l\u00edmites. Esto podr\u00eda haber causado una corrupci\u00f3n de memoria y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox versiones anteriores a 73 y Firefox versiones anteriores a ESR68.5.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"73.0\",\"matchCriteriaId\":\"D881BDA7-3601-4A45-991F-4B2B187A73D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"68.5.0\",\"matchCriteriaId\":\"17B5BB4D-FF9F-433C-A3AC-E4F34C3D75D9\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1610426\",\"source\":\"security@mozilla.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-02\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://usn.ubuntu.com/4278-2/\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-05/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-06/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1610426\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4278-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-05/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-06/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

SUSE-SU-2020:14290-1

Vulnerability from csaf_suse - Published: 2020-02-24 12:08 - Updated: 2020-02-24 12:08

Summary

Security update for MozillaFirefox

Severity

Important

Notes

Title of the patch: Security update for MozillaFirefox

Description of the patch: This update for MozillaFirefox fixes the following issues: Firefox was updated to version 68.5.0 ESR (bsc#1163368). Security issues fixed: - CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368). - CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368). - CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368). - CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368). Non-security issues fixed: - Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726).

Patchnames: slessp4-MozillaFirefox-14290

CVE-2020-6796

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-6797

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-6798

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-6799

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2020-6800

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64	—	Vendor Fix

Threats

Impact important

References

21 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1161799	self
https://bugzilla.suse.com/1163368	self
https://www.suse.com/security/cve/CVE-2020-6796/	self
https://www.suse.com/security/cve/CVE-2020-6797/	self
https://www.suse.com/security/cve/CVE-2020-6798/	self
https://www.suse.com/security/cve/CVE-2020-6799/	self
https://www.suse.com/security/cve/CVE-2020-6800/	self
https://www.suse.com/security/cve/CVE-2020-6796	external
https://bugzilla.suse.com/1163368	external
https://www.suse.com/security/cve/CVE-2020-6797	external
https://bugzilla.suse.com/1163368	external
https://www.suse.com/security/cve/CVE-2020-6798	external
https://bugzilla.suse.com/1163368	external
https://www.suse.com/security/cve/CVE-2020-6799	external
https://bugzilla.suse.com/1163368	external
https://www.suse.com/security/cve/CVE-2020-6800	external
https://bugzilla.suse.com/1163368	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaFirefox",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaFirefox fixes the following issues:\n\nFirefox was updated to version 68.5.0 ESR (bsc#1163368).\n\n\nSecurity issues fixed:\n\n- CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368).\n- CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368).\n- CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368).\n- CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368).\n\n\nNon-security issues fixed:\n\n- Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "slessp4-MozillaFirefox-14290",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14290-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2020:14290-1",
        "url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014290-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2020:14290-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-February/006514.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1161799",
        "url": "https://bugzilla.suse.com/1161799"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1163368",
        "url": "https://bugzilla.suse.com/1163368"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6796 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6797 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6797/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6798 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6798/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6799 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6799/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6800 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6800/"
      }
    ],
    "title": "Security update for MozillaFirefox",
    "tracking": {
      "current_release_date": "2020-02-24T12:08:59Z",
      "generator": {
        "date": "2020-02-24T12:08:59Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2020:14290-1",
      "initial_release_date": "2020-02-24T12:08:59Z",
      "revision_history": [
        {
          "date": "2020-02-24T12:08:59Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-68.5.0-78.61.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-68.5.0-78.61.2.x86_64",
                  "product_id": "MozillaFirefox-68.5.0-78.61.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
                  "product_id": "MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64",
                  "product_id": "MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-68.5.0-78.61.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64"
        },
        "product_reference": "MozillaFirefox-68.5.0-78.61.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-6796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6796",
          "url": "https://www.suse.com/security/cve/CVE-2020-6796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6796",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-24T12:08:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6796"
    },
    {
      "cve": "CVE-2020-6797",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6797"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user\u0027s computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6797",
          "url": "https://www.suse.com/security/cve/CVE-2020-6797"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6797",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-24T12:08:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6797"
    },
    {
      "cve": "CVE-2020-6798",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6798"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6798",
          "url": "https://www.suse.com/security/cve/CVE-2020-6798"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6798",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-24T12:08:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6798"
    },
    {
      "cve": "CVE-2020-6799",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6799"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox \u003c 73 and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6799",
          "url": "https://www.suse.com/security/cve/CVE-2020-6799"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6799",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-24T12:08:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6799"
    },
    {
      "cve": "CVE-2020-6800",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6800"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird \u003c 68.5, Firefox \u003c 73, and Firefox \u003c ESR68.5.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6800",
          "url": "https://www.suse.com/security/cve/CVE-2020-6800"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163368 for CVE-2020-6800",
          "url": "https://bugzilla.suse.com/1163368"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.5.0-78.61.2.x86_64",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.5.0-78.61.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-24T12:08:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6800"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-6796 (GCVE-0-2020-6796)

SUSE-SU-2020:14290-1

Tags

Sightings

Nomenclature