Description
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.
Published: 2020-10-01
Score: 8.8 High
EPSS: 1.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2020-7657 Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.
Ubuntu USN Ubuntu USN USN-4474-1 Firefox vulnerabilities
History

No history.

Subscriptions

Mozilla Firefox Firefox Esr Thunderbird
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2024-08-04T13:22:30.668Z

Reserved: 2020-07-10T00:00:00.000Z

Link: CVE-2020-15670

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-10-01T19:15:13.470

Modified: 2026-06-17T02:57:01.360

Link: CVE-2020-15670

cve-icon Redhat

Severity : Important

Publid Date: 2020-08-25T00:00:00Z

Links: CVE-2020-15670 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-120

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

  • CWE-362

    Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

  • CWE-416

    Use After Free

  • CWE-617

    Reachable Assertion