exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

CVE-2020-12421

Status Candidate

Overview

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

Related Files

Gentoo Linux Security Advisory 202007-10
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-12402, CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426
MD5 | 9406c260db2c6295ae122253d8b59c0a
Gentoo Linux Security Advisory 202007-09
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-9 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.10.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 65b50fc9571e88ffd2dffb9bdf017d3b
Red Hat Security Advisory 2020-3038-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3038-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | d26d7ff6d0484fb9831fb49ca145fa5f
Red Hat Security Advisory 2020-3046-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3046-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 20b73c4b9debd753f6d1981d2673bf2a
Red Hat Security Advisory 2020-2966-01
Posted Jul 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2966-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | b85d2887fd2b8323afcf21e44e86f3e7
Red Hat Security Advisory 2020-2906-01
Posted Jul 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2906-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 4f343272d16859a0f2af7f7bec973241
Red Hat Security Advisory 2020-2907-01
Posted Jul 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2907-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | f14663ef04891b4c392a1f8f4d1a6261
Ubuntu Security Notice USN-4421-1
Posted Jul 8, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, imap
systems | linux, ubuntu
advisories | CVE-2020-12398, CVE-2020-12399, CVE-2020-12406, CVE-2020-12410, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 326f5ebac4547f863a712734770a0ae2
Red Hat Security Advisory 2020-2827-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2827-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | bad1f516b5b30f3f5463117066131cd4
Red Hat Security Advisory 2020-2828-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2828-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 6db568e2477fd7752456c46fb637df77
Red Hat Security Advisory 2020-2826-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2826-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | eb868b5c0a1d3423ad94f52ff9f6175f
Red Hat Security Advisory 2020-2824-01
Posted Jul 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2824-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 04a7cdccc509e40d553224fbc5d269e9
Red Hat Security Advisory 2020-2825-01
Posted Jul 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2825-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.10.0 ESR. Issues addressed include information leakage and use-after-free vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
MD5 | 4dacbdd82dac1d8f815059abe37f4899
Ubuntu Security Notice USN-4408-1
Posted Jul 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4408-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. It was discovered that when performing add-on updates, certificate chains not terminating with built-in roots were silently rejected. This could result in add-ons becoming outdated. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2020-12415, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426
MD5 | 48c7a1a12cccbc01a51fc442ac452636
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close