Vulnerability Level: High

CVE-No’s:

  • CVE-2020-12399
  • CVE-2020-12405
  • CVE-2020-12406
  • CVE-2020-12407
  • CVE-2020-12408
  • CVE-2020-12409
  • CVE-2020-12410
  • CVE-2020-12411

Risks:

  • Timing Attack on DSA signatures.
  • When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash.
  • a missing type check during unboxed objects removal, resulting in a crash. With enough effort that it could be exploited to run arbitrary code.
  • when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content.
  • When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar.
  • When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL.
  •  memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and with enough effort some of these could have been exploited to run arbitrary code.
  • memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and with enough effort some of these could have been exploited to run arbitrary code.

Vulnerable Parties: Anyone or any company using Mozilla Firefox version upto 76.* .

Products vulnerable: Mozilla Firefox version upto 76.

Recommendation: Mozilla has released an update to Firefox version 77 which resolves all the issues mentioned above.

Documentation: For more details visit here: 

https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/

Online Marketing Company View Media Website hacked and More than 38 million US citizen records exposed.
What happened? According to the reports of CyberNews research team, They have …
Indian Prime Minister Narendra Modi’s website Twitter account hacked. Used for Bitcoin scam.
What happened? Today, on 03rd September, Weird tweets were being posted from …

Have some thoughts? why not share with us here.

Hey we spotted an adblocker on your browser

Hello, Welcome to Stormbreaker.
We are happy that you opened our website but please disable the adblocker to view further.
Ads are a way this page is generating revenue and making this awesome site and people behind it working. 
Thank you in advanced.
Team Stormbreaker.