Vulnerabilities > CVE-2020-6807 - Use After Free vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_74_0.NASL description The version of Firefox installed on the remote macOS or Mac OS X host is prior to 74.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-08 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-06 modified 2020-03-11 plugin id 134404 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134404 title Mozilla Firefox < 74.0 Multiple Vulnerabilities NASL family Windows NASL id MOZILLA_FIREFOX_68_6_ESR.NASL description The version of Firefox ESR installed on the remote Windows host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-09 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-06 modified 2020-03-11 plugin id 134407 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134407 title Mozilla Firefox ESR < 68.6 Multiple Vulnerabilities NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0816.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0816 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-26 plugin id 134901 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134901 title CentOS 6 : firefox (CESA-2020:0816) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0816.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0816 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-18 plugin id 134666 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134666 title RHEL 6 : firefox (RHSA-2020:0816) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0815.NASL description From Red Hat Security Advisory 2020:0815 : The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0815 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-18 plugin id 134644 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134644 title Oracle Linux 7 : firefox (ELSA-2020-0815) NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_68_6_ESR.NASL description The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-09 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-06 modified 2020-03-11 plugin id 134406 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134406 title Mozilla Firefox ESR < 68.6 Multiple Vulnerabilities NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2020-070-01.NASL description New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. last seen 2020-05-08 modified 2020-03-11 plugin id 134396 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134396 title Slackware 14.2 / current : mozilla-firefox (SSA:2020-070-01) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0914.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0914 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-24 plugin id 134869 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134869 title RHEL 6 : thunderbird (RHSA-2020:0914) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0919.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0919 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-24 plugin id 134867 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134867 title RHEL 8 : thunderbird (RHSA-2020:0919) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0914.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0914 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-26 plugin id 134914 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134914 title CentOS 6 : thunderbird (CESA-2020:0914) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-366.NASL description This update for MozillaThunderbird fixes the following issues : MozillaThunderbird was updated to 68.6.0 ESR (MFSA 2020-10 bsc#1166238) - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction - CVE-2020-6811: Fixed an issue where copy as cURL last seen 2020-05-08 modified 2020-03-23 plugin id 134823 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134823 title openSUSE Security Update : MozillaThunderbird (openSUSE-2020-366) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0919.NASL description From Red Hat Security Advisory 2020:0919 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0919 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-25 plugin id 134886 published 2020-03-25 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134886 title Oracle Linux 8 : thunderbird (ELSA-2020-0919) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2020-1414.NASL description The Mozilla Foundation Security Advisory describes this flaw as: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. (CVE-2020-6805) The Mozilla Foundation Security Advisory describes this flaw as: The inputs to `sctp_load_addresses_from_init` are verified by `sctp_arethere_unrecognized_parameters`; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a chunk. (CVE-2019-20503) The Mozilla Foundation Security Advisory describes this flaw as: By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. (CVE-2020-6806) The Mozilla Foundation Security Advisory describes this flaw as: When a device was changed while a stream was about to be destroyed, the `stream-reinit` task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. (CVE-2020-6807) The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user last seen 2020-05-31 modified 2020-04-24 plugin id 135932 published 2020-04-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135932 title Amazon Linux 2 : thunderbird (ALAS-2020-1414) NASL family Scientific Linux Local Security Checks NASL id SL_20200323_THUNDERBIRD_ON_SL6_X.NASL description Security Fix(es) : - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Devtools last seen 2020-05-31 modified 2020-03-24 plugin id 134848 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134848 title Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20200323) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4335-1.NASL description Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-11745) It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. (CVE-2019-11755) A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-15903) It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792) Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795, CVE-2020-6822) It was discovered that if a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. (CVE-2020-6794) It was discovered that the Devtools last seen 2020-05-08 modified 2020-04-22 plugin id 135896 published 2020-04-22 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135896 title Ubuntu 16.04 LTS : thunderbird vulnerabilities (USN-4335-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0905.NASL description From Red Hat Security Advisory 2020:0905 : The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0905 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-20 plugin id 134753 published 2020-03-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134753 title Oracle Linux 7 : thunderbird (ELSA-2020-0905) NASL family Scientific Linux Local Security Checks NASL id SL_20200316_FIREFOX_ON_SL6_X.NASL description This update upgrades Firefox to version 68.6.0 ESR. Security Fix(es) : - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Devtools last seen 2020-05-31 modified 2020-03-18 plugin id 134646 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134646 title Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20200316) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202003-02.NASL description The remote host is affected by the vulnerability described in GLSA-202003-02 (Mozilla Firefox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact. Workaround : There is no known workaround at this time. last seen 2020-05-08 modified 2020-03-13 plugin id 134469 published 2020-03-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134469 title GLSA-202003-02 : Mozilla Firefox: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0717-1.NASL description This update for MozillaFirefox fixes the following issues : Mozilla Firefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665 bsc#1166238) CVE-2020-6805: Fixed a use-after-free when removing data about origins CVE-2020-6806: Fixed improper protections against state confusion CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction CVE-2020-6811: Fixed an issue where copy as cURL last seen 2020-05-08 modified 2020-03-20 plugin id 134756 published 2020-03-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134756 title SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0717-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-340.NASL description This update for MozillaFirefox fixes the following issues : MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665 bsc#1166238) - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction - CVE-2020-6811: Fixed an issue where copy as cURL last seen 2020-05-08 modified 2020-03-16 plugin id 134617 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134617 title openSUSE Security Update : MozillaFirefox (openSUSE-2020-340) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4639.NASL description Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. last seen 2020-05-08 modified 2020-03-12 plugin id 134434 published 2020-03-12 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134434 title Debian DSA-4639-1 : firefox-esr - security update NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0815.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0815 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-26 plugin id 134900 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134900 title CentOS 7 : firefox (CESA-2020:0815) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2020-073-01.NASL description New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. last seen 2020-05-08 modified 2020-03-16 plugin id 134616 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134616 title Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-073-01) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4328-1.NASL description It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792) Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795, CVE-2020-6822) It was discovered that if a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. (CVE-2020-6794) Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, obtain sensitive information, or execute arbitrary code. (CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that the Devtools last seen 2020-05-08 modified 2020-04-14 plugin id 135455 published 2020-04-14 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135455 title Ubuntu 18.04 LTS / 19.10 : thunderbird vulnerabilities (USN-4328-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0905.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0905 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-06 modified 2020-03-26 plugin id 134911 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134911 title CentOS 7 : thunderbird (CESA-2020:0905) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0815.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0815 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-18 plugin id 134665 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134665 title RHEL 7 : firefox (RHSA-2020:0815) NASL family Windows NASL id MOZILLA_FIREFOX_74_0.NASL description The version of Firefox installed on the remote Windows host is prior to 74.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-08 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-06 modified 2020-03-11 plugin id 134405 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134405 title Mozilla Firefox < 74.0 Multiple Vulnerabilities NASL family Scientific Linux Local Security Checks NASL id SL_20200316_FIREFOX_ON_SL7_X.NASL description This update upgrades Firefox to version 68.6.0 ESR. Security Fix(es) : - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Devtools last seen 2020-05-31 modified 2020-03-18 plugin id 134647 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134647 title Scientific Linux Security Update : firefox on SL7.x x86_64 (20200316) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2150.NASL description Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. For Debian 8 last seen 2020-05-08 modified 2020-03-23 plugin id 134767 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134767 title Debian DLA-2150-1 : thunderbird security update NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0686-1.NASL description This update for MozillaFirefox fixes the following issues : Mozilla Firefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665 bsc#1166238) CVE-2020-6805: Fixed a use-after-free when removing data about origins CVE-2020-6806: Fixed improper protections against state confusion CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction CVE-2020-6811: Fixed an issue where copy as cURL last seen 2020-05-08 modified 2020-03-16 plugin id 134623 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134623 title SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:0686-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0820.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0820 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-18 plugin id 134667 published 2020-03-18 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134667 title RHEL 8 : firefox (RHSA-2020:0820) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0918.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0918 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-24 plugin id 134868 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134868 title RHEL 8 : thunderbird (RHSA-2020:0918) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0905.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0905 advisory. - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-23 plugin id 134831 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134831 title RHEL 7 : thunderbird (RHSA-2020:0905) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2140.NASL description Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 last seen 2020-05-08 modified 2020-03-12 plugin id 134432 published 2020-03-12 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134432 title Debian DLA-2140-1 : firefox-esr security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0819.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0819 advisory. - usrsctp: Out of bounds reads in sctp_load_addresses_from_init() (CVE-2019-20503) - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Devtools last seen 2020-06-02 modified 2020-03-24 plugin id 134838 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134838 title RHEL 8 : firefox (RHSA-2020:0819) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4299-1.NASL description Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy (CSP) protections, or execute arbitrary code. (CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, CVE-2020-6810, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815) It was discovered that Web Extensions with the all-url permission could access local files. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6809) It was discovered that the Devtools last seen 2020-05-08 modified 2020-03-12 plugin id 134442 published 2020-03-12 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134442 title Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : firefox vulnerabilities (USN-4299-1) NASL family Scientific Linux Local Security Checks NASL id SL_20200319_THUNDERBIRD_ON_SL7_X.NASL description Security Fix(es) : - Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) - Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) - Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) - Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) - Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) - Mozilla: Devtools last seen 2020-05-31 modified 2020-03-20 plugin id 134754 published 2020-03-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134754 title Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200319) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4642.NASL description Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. last seen 2020-05-08 modified 2020-03-23 plugin id 134772 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134772 title Debian DSA-4642-1 : thunderbird - security update NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202003-10.NASL description The remote host is affected by the vulnerability described in GLSA-202003-10 (Mozilla Thunderbird: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or conduct Cross-Site Request Forgery (CSRF). Workaround : There is no known workaround at this time. last seen 2020-05-08 modified 2020-03-16 plugin id 134587 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134587 title GLSA-202003-10 : Mozilla Thunderbird: Multiple vulnerabilities
Redhat
rpms |
|
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1614971
- https://bugzilla.mozilla.org/show_bug.cgi?id=1614971
- https://usn.ubuntu.com/4328-1/
- https://usn.ubuntu.com/4328-1/
- https://usn.ubuntu.com/4335-1/
- https://usn.ubuntu.com/4335-1/
- https://www.mozilla.org/security/advisories/mfsa2020-08/
- https://www.mozilla.org/security/advisories/mfsa2020-08/
- https://www.mozilla.org/security/advisories/mfsa2020-09/
- https://www.mozilla.org/security/advisories/mfsa2020-09/
- https://www.mozilla.org/security/advisories/mfsa2020-10/
- https://www.mozilla.org/security/advisories/mfsa2020-10/