Lucene search
IBMAD2501DFA46151319D5307C1B7028423A9C6E546211FCCC1BB56320115425038HistoryJul 02, 2020 - 10:35 a.m.
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.6.1 ESR + CVE-2020-6820) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.1.0
2020-07-0210:35:08
www.ibm.com
23
EPSS
0.009
Percentile
82.7%
Summary
Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-6820
Vulnerability Details
CVEID:CVE-2020-6820
**DESCRIPTION:**Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw when handling a ReadableStream. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service condition.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/179047 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| APM AM | 8.1.4 |
| BAM | 1.0 |
| APM SaaS | 8.1.4 |
| APM on-premise | 8.1.4 |
| ICAM | 2019.3.0 - 2020.1.0 |
Remediation/Fixes
| Product Remediation | Fix |
|---|---|
| APM on-premise | Synthetic Playback Agent 8.1.4 IF12 |
| ICAM | ICAM 2020.2.0 |
Workarounds and Mitigations
None
Related
attackerkb
attackerkb
CVE-2020-6820
2020-04-24 00:00:00
alpinelinux
alpinelinux
CVE-2020-6820
2020-04-24 16:15:13
redhatcve
redhatcve
CVE-2020-6820
2020-04-04 12:05:29
nvd
nvd
CVE-2020-6820
2020-04-24 16:15:13
ubuntucve
ubuntucve
CVE-2020-6820
2020-04-03 00:00:00
cve
cve
CVE-2020-6820
2020-04-24 16:15:13
debiancve
debiancve
CVE-2020-6820
2020-04-24 16:15:13
veracode
veracode
Denial Of Service (DoS)
2020-04-08 00:44:28
cvelist
cvelist
CVE-2020-6820
2020-04-24 15:56:04
cisa_kev
cisa_kev
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
2021-11-03 00:00:00
prion
prion
Race condition
2020-04-24 16:15:00
redhat
redhat
(RHSA-2020:1339) Critical: firefox security update
2020-04-07 07:39:52
(RHSA-2020:1340) Critical: firefox security update
2020-04-07 07:05:11
(RHSA-2020:1338) Critical: firefox security update
2020-04-07 07:45:26
openvas
openvas
Slackware: Security Advisory (SSA:2020-094-01)
2022-04-21 00:00:00
Ubuntu: Security Advisory (USN-4317-1)
2020-04-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:14337-1)
2021-06-09 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2020-04-05 20:07:15
Updated thunderbird packages fix security vulnerabilities
2020-04-15 13:12:14
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1 — Mozilla
2020-04-03 00:00:00
Security Vulnerabilities fixed in Thunderbird 68.7.0 — Mozilla
2020-04-09 00:00:00
nessus
nessus
Oracle Linux 8 : firefox (ELSA-2020-1341)
2020-04-10 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-2020-461)
2020-04-07 00:00:00
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0928-1)
2020-04-07 00:00:00
oraclelinux
oraclelinux
firefox security update
2020-04-09 00:00:00
firefox security update
2020-04-11 00:00:00
firefox security update
2020-07-07 00:00:00
kaspersky
kaspersky
KLA11712 Multiple vulnerabilities in Mozilla Firefox ESR
2020-04-03 00:00:00
KLA11711 Multiple vulnerabilities in Mozilla Firefox
2020-04-03 00:00:00
KLA11730 Multiple vulnerabilities in Mozilla Thunderbird
2020-04-09 00:00:00
suse
suse
Security update for MozillaFirefox (critical)
2020-04-06 00:00:00
Security update for MozillaThunderbird (important)
2020-04-15 00:00:00
Security update for MozillaThunderbird (important)
2020-04-23 00:00:00
centos
centos
firefox security update
2020-04-08 15:31:17
thunderbird security update
2020-04-30 19:57:02
thunderbird security update
2020-04-28 00:21:12
threatpost
threatpost
Firefox Zero-Day Flaws Exploited in the Wild Get Patched
2020-04-04 13:28:43
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.6.1-alt1
2020-04-04 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.7.0-alt1
2020-04-08 00:00:00
debian
debian
[SECURITY] [DSA 4653-1] firefox-esr security update
2020-04-04 15:20:25
[SECURITY] [DLA 2170-1] firefox-esr security update
2020-04-08 11:36:20
[SECURITY] [DSA 4656-1] thunderbird security update
2020-04-13 19:42:57
ubuntu
ubuntu
Firefox vulnerabilities
2020-04-04 00:00:00
Thunderbird vulnerabilities
2020-04-13 00:00:00
Thunderbird vulnerabilities
2020-04-21 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2020-04-04 00:08:09
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2020-04-04 00:00:00
archlinux
archlinux
[ASA-202004-6] firefox: arbitrary code execution
2020-04-04 00:00:00
[ASA-202004-12] thunderbird: multiple issues
2020-04-13 00:00:00
osv
osv
firefox-esr - security update
2020-04-04 00:00:00
firefox-esr - security update
2020-04-08 00:00:00
thunderbird - security update
2020-04-14 00:00:00
amazon
amazon
Critical: thunderbird
2020-05-19 18:32:00
securelist
securelist
IT threat evolution Q2 2020. PC statistics
2020-09-03 10:30:23
googleprojectzero
googleprojectzero
Déjà vu-lnerability
2021-02-03 00:00:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
EPSS
0.009
Percentile
82.7%
Related for AD2501DFA46151319D5307C1B7028423A9C6E546211FCCC1BB56320115425038