Lucene search
UbuntuUSN-4317-1HistoryApr 04, 2020 - 12:00 a.m.
Firefox vulnerabilities
2020-04-0400:00:00
ubuntu.com
124
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.034
Percentile
91.4%
Releases
- Ubuntu 19.10
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- firefox - Mozilla Open Source web browser
Details
Two use-after-free bugs were discovered in Firefox. If a user were tricked
in to opening a specially crafted website, an attacker could exploit these
to cause a denial of service or execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 19.10 | noarch | firefox | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-dbg | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-dev | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-geckodriver | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-af | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-an | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-ar | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-as | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-ast | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
| Ubuntu | 19.10 | noarch | firefox-locale-az | < 74.0.1+build1-0ubuntu0.19.10.1 | UNKNOWN |
Related
openvas
openvas
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:0461-1)
2020-04-07 00:00:00
Ubuntu: Security Advisory (USN-4317-1)
2020-04-05 00:00:00
Mageia: Security Advisory (MGASA-2020-0161)
2022-01-28 00:00:00
nessus
nessus
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0928-1)
2020-04-07 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-2020-461)
2020-04-07 00:00:00
Mozilla Firefox ESR < 68.6.1
2020-04-06 00:00:00
kaspersky
kaspersky
KLA11712 Multiple vulnerabilities in Mozilla Firefox ESR
2020-04-03 00:00:00
KLA11711 Multiple vulnerabilities in Mozilla Firefox
2020-04-03 00:00:00
KLA11730 Multiple vulnerabilities in Mozilla Thunderbird
2020-04-09 00:00:00
oraclelinux
oraclelinux
firefox security update
2020-04-09 00:00:00
firefox security update
2020-04-11 00:00:00
firefox security update
2020-07-07 00:00:00
redos
redos
centos
centos
firefox security update
2020-04-08 15:31:17
thunderbird security update
2020-04-28 00:21:12
thunderbird security update
2020-04-30 19:57:02
debian
debian
[SECURITY] [DSA 4653-1] firefox-esr security update
2020-04-04 15:20:25
[SECURITY] [DLA 2170-1] firefox-esr security update
2020-04-08 11:36:20
[SECURITY] [DLA 2172-1] thunderbird security update
2020-04-14 10:27:34
suse
suse
Security update for MozillaFirefox (critical)
2020-04-06 00:00:00
Security update for MozillaThunderbird (important)
2020-04-15 00:00:00
Security update for MozillaThunderbird (important)
2020-04-23 00:00:00
threatpost
threatpost
Firefox Zero-Day Flaws Exploited in the Wild Get Patched
2020-04-04 13:28:43
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.6.1-alt1
2020-04-04 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.7.0-alt1
2020-04-08 00:00:00
redhat
redhat
(RHSA-2020:1338) Critical: firefox security update
2020-04-07 07:45:26
(RHSA-2020:1340) Critical: firefox security update
2020-04-07 07:05:11
(RHSA-2020:1339) Critical: firefox security update
2020-04-07 07:39:52
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2020-04-04 00:00:00
archlinux
archlinux
[ASA-202004-6] firefox: arbitrary code execution
2020-04-04 00:00:00
[ASA-202004-12] thunderbird: multiple issues
2020-04-13 00:00:00
osv
osv
firefox-esr - security update
2020-04-04 00:00:00
thunderbird - security update
2020-04-13 00:00:00
thunderbird - security update
2020-04-14 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2020-04-05 20:07:15
Updated thunderbird packages fix security vulnerabilities
2020-04-15 13:12:14
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1 — Mozilla
2020-04-03 00:00:00
Security Vulnerabilities fixed in Thunderbird 68.7.0 — Mozilla
2020-04-09 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2020-04-04 00:08:09
ubuntucve
ubuntucve
CVE-2020-6819
2020-04-03 00:00:00
CVE-2020-6820
2020-04-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-08 00:44:27
Denial Of Service (DoS)
2020-04-08 00:44:28
cisa_kev
cisa_kev
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
2021-11-03 00:00:00
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
2021-11-03 00:00:00
cvelist
cvelist
CVE-2020-6819
2020-04-24 15:56:56
CVE-2020-6820
2020-04-24 15:56:04
redhatcve
redhatcve
CVE-2020-6819
2020-04-04 12:05:29
CVE-2020-6820
2020-04-04 12:05:29
prion
prion
Race condition
2020-04-24 16:15:00
Race condition
2020-04-24 16:15:00
alpinelinux
alpinelinux
CVE-2020-6819
2020-04-24 16:15:13
CVE-2020-6820
2020-04-24 16:15:13
cve
cve
CVE-2020-6820
2020-04-24 16:15:13
CVE-2020-6819
2020-04-24 16:15:13
attackerkb
attackerkb
CVE-2020-6820
2020-04-24 00:00:00
CVE-2020-6819
2020-04-24 00:00:00
nvd
nvd
CVE-2020-6820
2020-04-24 16:15:13
CVE-2020-6819
2020-04-24 16:15:13
debiancve
debiancve
CVE-2020-6820
2020-04-24 16:15:13
CVE-2020-6819
2020-04-24 16:15:13
amazon
amazon
Critical: thunderbird
2020-05-19 18:32:00
securelist
securelist
IT threat evolution Q2 2020. PC statistics
2020-09-03 10:30:23
ubuntu
ubuntu
Thunderbird vulnerabilities
2020-04-13 00:00:00
Thunderbird vulnerabilities
2020-04-21 00:00:00
googleprojectzero
googleprojectzero
Déjà vu-lnerability
2021-02-03 00:00:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.034
Percentile
91.4%
Related for USN-4317-1