CVE-2020-12410

Public on 2020-07-09

Modified on 2020-07-17

Description

The Mozilla Foundation Security Advisory describes this flaw as:

Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Severity

Important

See what this means

CVSS v3 Base Score

8.8

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 2 - Core	thunderbird	2020-07-14 02:50	ALAS2-2020-1462

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD	CVSSv3	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
NVD	CVSSv2	9.3	AV:N/AC:M/Au:N/C:C/I:C/A:C

References

Red Hat: CVE-2020-12410 Mitre: CVE-2020-12410 FAQs regarding Amazon Linux ALAS/CVE Severity