Morioh
Login
Arlo McLaughlin

Arlo McLaughlin

3 years ago

Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code.

Two severe bugs (CVE-2020-15674 and CVE-2020-15673) are errors in the browser’s memory-safety protections, which prevent memory access issues like buffer overflows. CVE-2020-15674 was reported in Firefox 80, while CVE-2020-15673 was reported in Firefox 80 and Firefox ESR 78.2. Firefox ESR (Extended Support Release) is a Firefox version that’s based on an official release for desktop, for use by organizations who need extended support for mass deployments.

“Some of these bugs showed evidence of memory corruption, and we presume that with enough effort some of these could have been exploited to run arbitrary code,” according to a Mozilla Foundation security advisory, released on Tuesday.

#vulnerabilities #web security #buffer error #cve-2020-15673 #cve-2020-15674 #cve-2020-15675 #firefox #firefox 80 #firefox 81 #firefox esr 78.3 #memory safety #mozilla #mozilla foundation #use-after-free #vulnerability #webgl

Firefox 81 Release Kills High-Severity Code-Execution Bugs

threatpost.com

Firefox 81 Release Kills High-Severity Code-Execution Bugs

Mozilla has fixed three high-severity flaws with the release of Firefox 81 and Firefox ESR 78.3. Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code.

1.30 GEEK