Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-6806  

A state confusion issue has been found in Firefox before 74, in BodyStream::OnInputStreamReady. By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash.

Source
Severity Critical

Remote Yes

Type Arbitrary code execution

Description 

A state confusion issue has been found in Firefox before 74, in BodyStream::OnInputStreamReady. By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash.

AVG-1112 firefox 73.0.1-1 74.0-1 Critical Fixed 

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6806
https://bugzilla.mozilla.org/show_bug.cgi?id=1612308

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started