Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2020-6819

Published: 24/04/2020 Updated: 02/02/2024
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Mozilla

Vulnerability Summary

It exists that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla thunderbird

mozilla firefox

mozilla firefox esr

Vendor Advisories

Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Debian Security Advisories: DSA-4653-1 firefox-esr -- security update
Two security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code For the oldstable distribution (stretch), these problems have been fixed in version 6861esr-1~deb9u1 For the stable distribution (buster), these problems have been fixed in version 6861esr-1~deb10u1 We recommend that ...
Debian Security Advisories: DSA-4656-1 thunderbird -- security update
Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code For the oldstable distribution (stretch), these problems have been fixed in version 1:6870-1~deb9u1 For the stable distribution (buster), these problems have been fixed in version 1:6870-1~deb10u1 We ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vul ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Amazon Linux 2: ALAS2-2020-1429
The Mozilla Foundation Security Advisory describes this flaw as:On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code> It is possible that with enough effort this could have been exploited to run arbitrary code This vulnerability affects Thunderbird < 68 ...
Mozilla: Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
Mozilla Foundation Security Advisory 2020-11 Security Vulnerabilities fixed in Firefox 7401 and Firefox ESR 6861 Announced April 3, 2020 Impact critical Products Firefox, Firefox ESR Fixed in Firefo ...
Mozilla: Security Vulnerabilities fixed in Thunderbird 68.7.0
Mozilla Foundation Security Advisory 2020-14 Security Vulnerabilities fixed in Thunderbird 6870 Announced April 9, 2020 Impact critical Products Thunderbird Fixed in Thunderbird 687 ...
Arch Linux Issues:
A use-after-free vulnerability has been found in Firefox before 7401 where under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free Mozilla is aware of targeted attacks in the wild abusing this flaw ...

Recent Articles

IT threat evolution Q2 2020. PC statistics
Securelist • Victor Chebyshev Evgeny Lopatin Fedor Sinitsyn Denis Parinov Oleg Kupreev Alexey Kulaev Alexander Kolesnikov • 03 Sep 2020

IT threat evolution Q2 2020. Review IT threat evolution Q2 2020. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. According to Kaspersky Security Network, in Q2: In Q2 2020, Kaspersky solutions blocked attempts to launch one or more types of malware designed to steal money from bank accounts on the computers of 181,725 users. !function(e,i,n,s){var t="InfogramEmbeds",d=e.getElementsByTagName("s...

Read more...
Mozilla plugs two Firefox browser holes exploited in the wild by hackers to hijack victims' computers
The Register • Thomas Claburn in San Francisco • 06 Apr 2020

Update now before it's too late If you use Twitter with Firefox in a shared computer account, you may have slightly spilled some private data on that PC

Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency (CISA) advisory warning that critical vulnerabilities in the browser are being actively exploited. "An attacker could exploit these vulnerabilities to take control of an affected system," US CISA said, without providing any specific details about the two bugs. "These vulnerabilities have been detected in exploits in the wild." To address these flaws, Firefox was...

Read more...
Mozilla plugs two Firefox browser holes exploited in the wild by hackers to hijack victims' computers
The Register • Thomas Claburn in San Francisco • 06 Apr 2020

Update now before it's too late If you use Twitter with Firefox in a shared computer account, you may have slightly spilled some private data on that PC

Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency (CISA) advisory warning that critical vulnerabilities in the browser are being actively exploited. "An attacker could exploit these vulnerabilities to take control of an affected system," US CISA said, without providing any specific details about the two bugs. "These vulnerabilities have been detected in exploits in the wild." To address these flaws, Firefox was...

Read more...

References

CWE-362CWE-416https://www.mozilla.org/security/advisories/mfsa2020-14/https://www.mozilla.org/security/advisories/mfsa2020-11/https://bugzilla.mozilla.org/show_bug.cgi?id=1620818https://usn.ubuntu.com/4335-1/https://nvd.nist.govhttps://usn.ubuntu.com/4328-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook