Description
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- Memory corruption vulnerability can be exploited to execute arbitrary code.
- Timing attack vulnerability in NSS library can be exploited to obtain sensitive information.
- Use after free vulnerability in SharedWorkerService can be exploited to potentially cause denial of service.
- GPU memory vulnerability can be exploited to spoof user interface.
- URL spoofing vulnerability in address bar can be exploited to perform domain spoofing.
- URL spoofing vulnerability in URL component can be exploited to perform domain spoofing.
- Type confusion vulnerability in JS can be exploited to cause denial of service.
Original advisories
Related products
CVE list
- CVE-2020-12411 critical
- CVE-2020-12399 warning
- CVE-2020-12410 critical
- CVE-2020-12405 warning
- CVE-2020-12407 warning
- CVE-2020-12408 warning
- CVE-2020-12409 high
- CVE-2020-12406 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!