First published: Tue Dec 15 2020(Updated: )
Mozilla developer Christian Holler reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Thunderbird | <78.6 | 78.6 |
Firefox | <84.0 | |
Firefox ESR | <78.6.0 | |
Thunderbird | <78.6.0 | |
Firefox | <84 | 84 |
Firefox ESR | <78.6 | 78.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-35113 is considered a high severity vulnerability due to its potential for memory corruption and arbitrary code execution.
To remediate CVE-2020-35113, update Firefox to version 84 or later, or Firefox ESR to version 78.6 or later.
CVE-2020-35113 affects Firefox up to version 84, Firefox ESR up to version 78.6, and Thunderbird up to version 78.6.
CVE-2020-35113 is classified as a memory safety issue leading to potential memory corruption.
The vulnerability CVE-2020-35113 was reported by Mozilla developer Christian Holler.