Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-6812
HistoryMar 11, 2020 - 12:00 a.m.

CVE-2020-6812

2020-03-1100:00:00
ubuntu.com
ubuntu.com
24

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

57.7%

The first time AirPods are connected to an iPhone, they become named after
the user’s name by default (e.g. Jane Doe’s AirPods.) Websites with camera
or microphone permission are able to enumerate device names, disclosing the
user’s name. To resolve this issue, Firefox added a special case that
renames devices containing the substring ‘AirPods’ to simply ‘AirPods’.
This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox <
ESR68.6, and Firefox ESR < 68.6.

Notes

Author Note
tyhicks mozjs contains a copy of the SpiderMonkey JavaScript engine
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchfirefox< 74.0+build3-0ubuntu0.18.04.1UNKNOWN
ubuntu19.10noarchfirefox< 74.0+build3-0ubuntu0.19.10.1UNKNOWN
ubuntu20.04noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu20.10noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu21.04noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu21.10noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu22.04noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu22.10noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu23.04noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
ubuntu23.10noarchfirefox< 74.0+build3-0ubuntu1UNKNOWN
Rows per page:
1-10 of 241

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

57.7%