In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html | Exploit Third Party Advisory VDB Entry |
https://bugzilla.mozilla.org/show_bug.cgi?id=1675905 | Exploit Issue Tracking Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2020-49/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2020-12-09T00:19:22
Updated: 2022-03-01T17:06:11
Reserved: 2020-10-12T00:00:00
Link: CVE-2020-26950
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-09T01:15:12.503
Modified: 2022-04-08T11:28:19.070
Link: CVE-2020-26950
JSON object: View
Redhat Information
No data.
CWE