Main Vulnerability Database Vulnerabilities #VU48459

#VU48459 Buffer overflow in Mozilla Firefox - CVE-2020-26952

Published: November 17, 2020

Vulnerability identifier: #VU48459

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2020-26952

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. The incorrect bookkeeping of functions inlined during JIT compilation when handling out-of-memory errors can trigger memory corruption and allow remote code execution.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/

#VU48459 Buffer overflow in Mozilla Firefox - CVE-2020-26952

Description

Remediation

External links

Please verify you're human