Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The update, released as Firefox version 84, is also billed by Mozilla as boosting the browser’s performance and adding native support for macOS hardwar...

CVE-2020-26972

The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This...

CVE-2020-26971

Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

CVE-2020-26974

When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...

CVE-2020-26966

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. Note: This issue only affected Windows operating systems. Other operating systems are unaffected.. This...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26954

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...

JerryScript has a binary vulnerability (CNVD-2020-72434)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

JerryScript has a binary vulnerability (CNVD-2020-72423)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

Foxit Reader JavaScript media openPlayer type confusion vulnerability

Summary A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the...

JerryScript has a binary vulnerability (CNVD-2020-72431)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

Foxit Reader JavaScript choice field use-after-free vulnerability

Summary A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

JerryScript has a binary vulnerability (CNVD-2020-72404)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

JerryScript has a binary vulnerability (CNVD-2020-72424)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

Google Chrome Information Disclosure Vulnerability

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in versions prior to Google chrome 87.0.4280.88 that stems from the use of uninitialized V8...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, an American company. Google chrome has a security vulnerability that stems from insufficient data validation in V8. A remote attacker can exploit the vulnerability to conduct a potential attack by leveraging heap corruption via a crafted HTML page...

CVE-2020-26969

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83...

CVE-2020-26960

If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

Stack Overflow Vulnerability in Google V8 Java Engine

Google V8 is a set of open source JavaScript engine . A stack overflow vulnerability exists in Google V8 Java Engine. An attacker could exploit this vulnerability to cause a denial of service...