ID CVE-2020-12408 Type cve Reporter cve@mitre.org Modified 2020-07-13T01:50:00
Description
When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox < 77.
{"gentoo": [{"lastseen": "2020-06-13T05:24:00", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411"], "description": "### Background\n\nMozilla Firefox is a popular open-source web browser from the Mozilla Project. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-68.9.0\"\n \n\nAll Mozilla Firefox binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-68.9.0\"", "edition": 1, "modified": "2020-06-13T00:00:00", "published": "2020-06-13T00:00:00", "id": "GLSA-202006-07", "href": "https://security.gentoo.org/glsa/202006-07", "title": "Mozilla Firefox: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2020-09-29T06:54:31", "description": "The remote host is affected by the vulnerability described in GLSA-202006-07\n(Mozilla Firefox: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Mozilla Firefox. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 6, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-17T00:00:00", "title": "GLSA-202006-07 : Mozilla Firefox: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411"], "modified": "2020-06-17T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:firefox", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:firefox-bin"], "id": "GENTOO_GLSA-202006-07.NASL", "href": "https://www.tenable.com/plugins/nessus/137444", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202006-07.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137444);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/28\");\n\n script_cve_id(\"CVE-2020-12405\", \"CVE-2020-12406\", \"CVE-2020-12407\", \"CVE-2020-12408\", \"CVE-2020-12409\", \"CVE-2020-12410\", \"CVE-2020-12411\");\n script_xref(name:\"GLSA\", value:\"202006-07\");\n script_xref(name:\"IAVA\", value:\"2020-A-0344-S\");\n\n script_name(english:\"GLSA-202006-07 : Mozilla Firefox: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202006-07\n(Mozilla Firefox: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Mozilla Firefox. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202006-07\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Mozilla Firefox users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-68.9.0'\n All Mozilla Firefox binary users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-68.9.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12411\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/firefox\", unaffected:make_list(\"ge 68.9.0\"), vulnerable:make_list(\"lt 68.9.0\"))) flag++;\nif (qpkg_check(package:\"www-client/firefox-bin\", unaffected:make_list(\"ge 68.9.0\"), vulnerable:make_list(\"lt 68.9.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Firefox\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T15:45:50", "description": "The version of Firefox installed on the remote macOS or Mac OS X host is prior to 77.0. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2020-20 advisory.\n\n - NSS has shown timing differences when performing DSA\n signatures, which was exploitable and could eventually\n leak private keys. (CVE-2020-12399)\n\n - When browsing a malicious page, a race condition in our\n SharedWorkerService could occur and lead to a\n potentially exploitable crash. (CVE-2020-12405)\n\n - Mozilla Developer Iain Ireland discovered a missing type\n check during unboxed objects removal, resulting in a\n crash. We presume that with enough effort that it could\n be exploited to run arbitrary code. (CVE-2020-12406)\n\n - Mozilla Developer Nicolas Silva found that when using\n WebRender, Firefox would under certain conditions leak\n arbitrary GPU memory to the visible screen. The leaked\n memory content was visible to the user, but not\n observable from web content. (CVE-2020-12407)\n\n - When browsing a document hosted on an IP address, an\n attacker could insert certain characters to flip domain\n and path information in the address bar.\n (CVE-2020-12408)\n\n - Mozilla developers Tom Tung and Karl Tomlinson reported\n memory safety bugs present in Firefox 76 and Firefox ESR\n 68.8. Some of these bugs showed evidence of memory\n corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary\n code. (CVE-2020-12409)\n\n - Mozilla developers :Gijs (he/him), Randell Jesup\n reported memory safety bugs present in Firefox 76. Some\n of these bugs showed evidence of memory corruption and\n we presume that with enough effort some of these could\n have been exploited to run arbitrary code.\n (CVE-2020-12411)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 6, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-02T00:00:00", "title": "Mozilla Firefox < 77.0", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "modified": "2020-06-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOS_FIREFOX_77_0.NASL", "href": "https://www.tenable.com/plugins/nessus/137048", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2020-20.\n# The text itself is copyright (C) Mozilla Foundation.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137048);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/13\");\n\n script_cve_id(\n \"CVE-2020-12399\",\n \"CVE-2020-12405\",\n \"CVE-2020-12406\",\n \"CVE-2020-12407\",\n \"CVE-2020-12408\",\n \"CVE-2020-12409\",\n \"CVE-2020-12411\"\n );\n script_xref(name:\"MFSA\", value:\"2020-20\");\n script_xref(name:\"IAVA\", value:\"2020-A-0238-S\");\n\n script_name(english:\"Mozilla Firefox < 77.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote macOS or Mac OS X host is prior to 77.0. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2020-20 advisory.\n\n - NSS has shown timing differences when performing DSA\n signatures, which was exploitable and could eventually\n leak private keys. (CVE-2020-12399)\n\n - When browsing a malicious page, a race condition in our\n SharedWorkerService could occur and lead to a\n potentially exploitable crash. (CVE-2020-12405)\n\n - Mozilla Developer Iain Ireland discovered a missing type\n check during unboxed objects removal, resulting in a\n crash. We presume that with enough effort that it could\n be exploited to run arbitrary code. (CVE-2020-12406)\n\n - Mozilla Developer Nicolas Silva found that when using\n WebRender, Firefox would under certain conditions leak\n arbitrary GPU memory to the visible screen. The leaked\n memory content was visible to the user, but not\n observable from web content. (CVE-2020-12407)\n\n - When browsing a document hosted on an IP address, an\n attacker could insert certain characters to flip domain\n and path information in the address bar.\n (CVE-2020-12408)\n\n - Mozilla developers Tom Tung and Karl Tomlinson reported\n memory safety bugs present in Firefox 76 and Firefox ESR\n 68.8. Some of these bugs showed evidence of memory\n corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary\n code. (CVE-2020-12409)\n\n - Mozilla developers :Gijs (he/him), Randell Jesup\n reported memory safety bugs present in Firefox 76. Some\n of these bugs showed evidence of memory corruption and\n we presume that with enough effort some of these could\n have been exploited to run arbitrary code.\n (CVE-2020-12411)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 77.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12411\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nkb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nversion = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\npath = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nis_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:FALSE, fix:'77.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T16:22:27", "description": "The version of Firefox installed on the remote Windows host is prior to 77.0. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2020-20 advisory.\n\n - NSS has shown timing differences when performing DSA\n signatures, which was exploitable and could eventually\n leak private keys. (CVE-2020-12399)\n\n - When browsing a malicious page, a race condition in our\n SharedWorkerService could occur and lead to a\n potentially exploitable crash. (CVE-2020-12405)\n\n - Mozilla Developer Iain Ireland discovered a missing type\n check during unboxed objects removal, resulting in a\n crash. We presume that with enough effort that it could\n be exploited to run arbitrary code. (CVE-2020-12406)\n\n - Mozilla Developer Nicolas Silva found that when using\n WebRender, Firefox would under certain conditions leak\n arbitrary GPU memory to the visible screen. The leaked\n memory content was visible to the user, but not\n observable from web content. (CVE-2020-12407)\n\n - When browsing a document hosted on an IP address, an\n attacker could insert certain characters to flip domain\n and path information in the address bar.\n (CVE-2020-12408)\n\n - Mozilla developers Tom Tung and Karl Tomlinson reported\n memory safety bugs present in Firefox 76 and Firefox ESR\n 68.8. Some of these bugs showed evidence of memory\n corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary\n code. (CVE-2020-12409)\n\n - Mozilla developers :Gijs (he/him), Randell Jesup\n reported memory safety bugs present in Firefox 76. Some\n of these bugs showed evidence of memory corruption and\n we presume that with enough effort some of these could\n have been exploited to run arbitrary code.\n (CVE-2020-12411)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 6, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-02T00:00:00", "title": "Mozilla Firefox < 77.0", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "modified": "2020-06-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_77_0.NASL", "href": "https://www.tenable.com/plugins/nessus/137049", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2020-20.\n# The text itself is copyright (C) Mozilla Foundation.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137049);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/13\");\n\n script_cve_id(\n \"CVE-2020-12399\",\n \"CVE-2020-12405\",\n \"CVE-2020-12406\",\n \"CVE-2020-12407\",\n \"CVE-2020-12408\",\n \"CVE-2020-12409\",\n \"CVE-2020-12411\"\n );\n script_xref(name:\"MFSA\", value:\"2020-20\");\n script_xref(name:\"IAVA\", value:\"2020-A-0238-S\");\n\n script_name(english:\"Mozilla Firefox < 77.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior to 77.0. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2020-20 advisory.\n\n - NSS has shown timing differences when performing DSA\n signatures, which was exploitable and could eventually\n leak private keys. (CVE-2020-12399)\n\n - When browsing a malicious page, a race condition in our\n SharedWorkerService could occur and lead to a\n potentially exploitable crash. (CVE-2020-12405)\n\n - Mozilla Developer Iain Ireland discovered a missing type\n check during unboxed objects removal, resulting in a\n crash. We presume that with enough effort that it could\n be exploited to run arbitrary code. (CVE-2020-12406)\n\n - Mozilla Developer Nicolas Silva found that when using\n WebRender, Firefox would under certain conditions leak\n arbitrary GPU memory to the visible screen. The leaked\n memory content was visible to the user, but not\n observable from web content. (CVE-2020-12407)\n\n - When browsing a document hosted on an IP address, an\n attacker could insert certain characters to flip domain\n and path information in the address bar.\n (CVE-2020-12408)\n\n - Mozilla developers Tom Tung and Karl Tomlinson reported\n memory safety bugs present in Firefox 76 and Firefox ESR\n 68.8. Some of these bugs showed evidence of memory\n corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary\n code. (CVE-2020-12409)\n\n - Mozilla developers :Gijs (he/him), Randell Jesup\n reported memory safety bugs present in Firefox 76. Some\n of these bugs showed evidence of memory corruption and\n we presume that with enough effort some of these could\n have been exploited to run arbitrary code.\n (CVE-2020-12411)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 77.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12411\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'77.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-29T06:24:30", "description": "Multiple security issues were discovered in Firefox. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service, spoof the\naddressbar, or execute arbitrary code. (CVE-2020-12405,\nCVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409,\nCVE-2020-12410, CVE-2020-12411)\n\nIt was discovered that NSS showed timing differences when performing\nDSA signatures. An attacker could potentially exploit this to obtain\nprivate keys using a timing attack. (CVE-2020-12399).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-05T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.10 / 20.04 : firefox vulnerabilities (USN-4383-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "modified": "2020-06-05T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04", "p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4383-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4383-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137179);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/28\");\n\n script_cve_id(\n \"CVE-2020-12399\",\n \"CVE-2020-12405\",\n \"CVE-2020-12406\",\n \"CVE-2020-12407\",\n \"CVE-2020-12408\",\n \"CVE-2020-12409\",\n \"CVE-2020-12410\",\n \"CVE-2020-12411\"\n );\n script_xref(name:\"USN\", value:\"4383-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0238-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0344-S\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 / 20.04 : firefox vulnerabilities (USN-4383-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in Firefox. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service, spoof the\naddressbar, or execute arbitrary code. (CVE-2020-12405,\nCVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409,\nCVE-2020-12410, CVE-2020-12411)\n\nIt was discovered that NSS showed timing differences when performing\nDSA signatures. An attacker could potentially exploit this to obtain\nprivate keys using a timing attack. (CVE-2020-12399).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/4383-1/\");\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12411\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.10|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.10 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"firefox\", pkgver:\"77.0.1+build1-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"firefox\", pkgver:\"77.0.1+build1-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"firefox\", pkgver:\"77.0.1+build1-0ubuntu0.19.10.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"firefox\", pkgver:\"77.0.1+build1-0ubuntu0.20.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-07-21T20:02:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "description": "This host is installed with\n Mozilla Firefox and is prone to multiple vulnerabilities.", "modified": "2020-07-16T00:00:00", "published": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310817036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310817036", "type": "openvas", "title": "Mozilla Firefox Security Updates(mfsa_2020-20_2020-21)-MAC OS X", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.817036\");\n script_version(\"2020-07-16T09:26:29+0000\");\n script_cve_id(\"CVE-2020-12399\", \"CVE-2020-12405\", \"CVE-2020-12406\", \"CVE-2020-12407\",\n \"CVE-2020-12408\", \"CVE-2020-12409\", \"CVE-2020-12410\", \"CVE-2020-12411\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-16 09:26:29 +0000 (Thu, 16 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 13:32:01 +0530 (Wed, 03 Jun 2020)\");\n script_name(\"Mozilla Firefox Security Updates(mfsa_2020-20_2020-21)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with\n Mozilla Firefox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Timing attack on DSA signatures in NSS library.\n\n - Use-after-free in SharedWorkerService.\n\n - JavaScript type confusion with NativeTypes.\n\n - WebRender leaking GPU memory when using border-image CSS directive.\n\n - URL spoofing when using IP addresses.\n\n - URL spoofing with unicode characters.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to conduct a denial-of-service or execute arbitrary code\n on affected system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before\n 77 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 77\n or later, Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nffVer = infos['version'];\nffPath = infos['location'];\n\nif(version_is_less(version:ffVer, test_version:\"77\"))\n{\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"77\", install_path:ffPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:02:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "description": "This host is installed with\n Mozilla Firefox and is prone to multiple vulnerabilities.", "modified": "2020-07-16T00:00:00", "published": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310817035", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310817035", "type": "openvas", "title": "Mozilla Firefox Security Updates(mfsa_2020-20_2020-21)-Windows", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:mozilla:firefox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.817035\");\n script_version(\"2020-07-16T09:26:29+0000\");\n script_cve_id(\"CVE-2020-12399\", \"CVE-2020-12405\", \"CVE-2020-12406\", \"CVE-2020-12407\",\n \"CVE-2020-12408\", \"CVE-2020-12409\", \"CVE-2020-12410\", \"CVE-2020-12411\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-16 09:26:29 +0000 (Thu, 16 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 13:30:51 +0530 (Wed, 03 Jun 2020)\");\n script_name(\"Mozilla Firefox Security Updates(mfsa_2020-20_2020-21)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with\n Mozilla Firefox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - Timing attack on DSA signatures in NSS library.\n\n - Use-after-free in SharedWorkerService.\n\n - JavaScript type confusion with NativeTypes.\n\n - WebRender leaking GPU memory when using border-image CSS directive.\n\n - URL spoofing when using IP addresses.\n\n - URL spoofing with unicode characters.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to conduct a denial-of-service or execute arbitrary code\n on affected system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before 77 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 77\n or later, Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE) ) exit( 0 );\nffVer = infos['version'];\nffPath = infos['location'];\n\nif(version_is_less(version:ffVer, test_version:\"77\"))\n{\n report = report_fixed_ver(installed_version:ffVer, fixed_version:\"77\", install_path:ffPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:04:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "description": "The remote host is missing an update for the ", "modified": "2020-07-16T00:00:00", "published": "2020-06-05T00:00:00", "id": "OPENVAS:1361412562310844458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844458", "type": "openvas", "title": "Ubuntu: Security Advisory for firefox (USN-4383-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844458\");\n script_version(\"2020-07-16T09:26:29+0000\");\n script_cve_id(\"CVE-2020-12405\", \"CVE-2020-12406\", \"CVE-2020-12407\", \"CVE-2020-12408\", \"CVE-2020-12409\", \"CVE-2020-12410\", \"CVE-2020-12411\", \"CVE-2020-12399\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-16 09:26:29 +0000 (Thu, 16 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-05 03:00:49 +0000 (Fri, 05 Jun 2020)\");\n script_name(\"Ubuntu: Security Advisory for firefox (USN-4383-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS|UBUNTU20\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4383-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-June/005465.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the USN-4383-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered in Firefox. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to cause a denial of service, spoof the\naddressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406,\nCVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410,\nCVE-2020-12411)\n\nIt was discovered that NSS showed timing differences when performing DSA\nsignatures. An attacker could potentially exploit this to obtain private\nkeys using a timing attack. (CVE-2020-12399)\");\n\n script_tag(name:\"affected\", value:\"'firefox' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"firefox\", ver:\"77.0.1+build1-0ubuntu0.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"firefox\", ver:\"77.0.1+build1-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"firefox\", ver:\"77.0.1+build1-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"firefox\", ver:\"77.0.1+build1-0ubuntu0.20.04.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:41:29", "bulletinFamily": "info", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "description": "### *Detect date*:\n06/02/2020\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, spoof user interface.\n\n### *Affected products*:\nMozilla Firefox earlier than 77\n\n### *Solution*:\nUpdate to the latest version \n[Download Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[MFSA2020-20](<https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2020-12411](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12411>)0.0Unknown \n[CVE-2020-12399](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399>)0.0Unknown \n[CVE-2020-12410](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410>)0.0Unknown \n[CVE-2020-12405](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405>)0.0Unknown \n[CVE-2020-12407](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12407>)0.0Unknown \n[CVE-2020-12408](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12408>)0.0Unknown \n[CVE-2020-12409](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12409>)0.0Unknown \n[CVE-2020-12406](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406>)0.0Unknown", "edition": 1, "modified": "2020-06-03T00:00:00", "published": "2020-06-02T00:00:00", "id": "KLA11792", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11792", "title": "\r KLA11792Multiple vulnerabilities in Mozilla Firefox ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:39", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12399", "CVE-2020-12405", "CVE-2020-12406", "CVE-2020-12407", "CVE-2020-12408", "CVE-2020-12409", "CVE-2020-12410", "CVE-2020-12411"], "description": "Arch Linux Security Advisory ASA-202006-1\n=========================================\n\nSeverity: High\nDate : 2020-06-02\nCVE-ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12407\nCVE-2020-12408 CVE-2020-12409 CVE-2020-12410 CVE-2020-12411\nPackage : firefox\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1173\n\nSummary\n=======\n\nThe package firefox before version 77.0-1 is vulnerable to multiple\nissues including arbitrary code execution, denial of service, private\nkey recovery and content spoofing.\n\nResolution\n==========\n\nUpgrade to 77.0-1.\n\n# pacman -Syu \"firefox>=77.0-1\"\n\nThe problems have been fixed upstream in version 77.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2020-12399 (private key recovery)\n\nNSS before 3.52.1, as used in Firefox before 77.0 and Thunderbird\nbefore 68.9.0, has shown timing differences when performing DSA\nsignatures, which was exploitable and could eventually leak private\nkeys.\n\n- CVE-2020-12405 (denial of service)\n\nWhen browsing a malicious page in Firefox before 77.0 and Thunderbird\nbefore 68.9.0, a race condition in our SharedWorkerService could occur\nand lead to a potentially exploitable crash.\n\n- CVE-2020-12406 (arbitrary code execution)\n\nMozilla Developer Iain Ireland discovered a missing type check in\nFirefox before 77.0 and Thunderbird before 68.9.0 during unboxed\nobjects removal, resulting in a crash. We presume that with enough\neffort that it could be exploited to run arbitrary code.\n\n- CVE-2020-12407 (denial of service)\n\nMozilla Developer Nicolas Silva found that when using WebRender,\nFirefox would under certain conditions leak arbitrary GPU memory to the\nvisible screen. The leaked memory content was visible to the user, but\nnot observable from web content.\n\n- CVE-2020-12408 (content spoofing)\n\nWhen browsing a document hosted on an IP address, an attacker could\ninsert certain characters to flip domain and path information in the\naddress bar.\n\n- CVE-2020-12409 (content spoofing)\n\nWhen using certain blank characters in a URL, they where incorrectly\nrendered as spaces instead of an encoded URL.\n\n- CVE-2020-12410 (arbitrary code execution)\n\nMozilla developers Tom Tung and Karl Tomlinson reported memory safety\nbugs present in Firefox 76, Firefox ESR 68.8 and Thunderbird before\n68.9.0. Some of these bugs showed evidence of memory corruption and\nMozilla presumes that with enough effort some of these could have been\nexploited to run arbitrary code.\n\n- CVE-2020-12411 (arbitrary code execution)\n\nMozilla developers :Gijs (he/him), Randell Jesup reported memory safety\nbugs present in Firefox 76. Some of these bugs showed evidence of\nmemory corruption and we presume that with enough effort some of these\ncould have been exploited to run arbitrary code.\n\nImpact\n======\n\nA remote attacker might be able to recover private keys, spoof content,\nexecute arbitrary code or crash the application.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-20/\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1631576\nhttps://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1631618\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1639590\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1637112\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1623888\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1629506\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1619305%2C1632717\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1506173\nhttps://security.archlinux.org/CVE-2020-12399\nhttps://security.archlinux.org/CVE-2020-12405\nhttps://security.archlinux.org/CVE-2020-12406\nhttps://security.archlinux.org/CVE-2020-12407\nhttps://security.archlinux.org/CVE-2020-12408\nhttps://security.archlinux.org/CVE-2020-12409\nhttps://security.archlinux.org/CVE-2020-12410\nhttps://security.archlinux.org/CVE-2020-12411", "modified": "2020-06-02T00:00:00", "published": "2020-06-02T00:00:00", "id": "ASA-202006-1", "href": "https://security.archlinux.org/ASA-202006-1", "type": "archlinux", "title": "[ASA-202006-1] firefox: multiple issues", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-15T12:25:27", "bulletinFamily": "unix", "cvelist": ["CVE-2020-12406", "CVE-2020-12409", "CVE-2020-12408", "CVE-2020-12407", "CVE-2020-12410", "CVE-2020-12405", "CVE-2020-12411", "CVE-2020-12399"], "description": "Multiple security issues were discovered in Firefox. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service, spoof the \naddressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406, \nCVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, \nCVE-2020-12411)\n\nIt was discovered that NSS showed timing differences when performing DSA \nsignatures. An attacker could potentially exploit this to obtain private \nkeys using a timing attack. (CVE-2020-12399)", "edition": 3, "modified": "2020-06-04T00:00:00", "published": "2020-06-04T00:00:00", "id": "USN-4383-1", "href": "https://ubuntu.com/security/notices/USN-4383-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
