Operating System:

[WIN][UNIX/Linux]

Published:

03 June 2020

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2020.1919 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.1919
         MFSA 2020-20 Security Vulnerabilities fixed in Firefox 77
                                3 June 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Firefox
Publisher:         Mozilla
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-12411 CVE-2020-12410 CVE-2020-12409
                   CVE-2020-12408 CVE-2020-12407 CVE-2020-12406
                   CVE-2020-12405 CVE-2020-12399 

Original Bulletin: 
   https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/

- --------------------------BEGIN INCLUDED TEXT--------------------

Mozilla Foundation Security Advisory 2020-20

Security Vulnerabilities fixed in Firefox 77

Announced
    June 2, 2020
Impact
    high
Products
    Firefox
Fixed in
    Firefox 77

# CVE-2020-12399: Timing attack on DSA signatures in NSS library

Reporter
    Cesar Pereida Garcia and the Network and Information Security Group (NISEC)
    at Tampere University
Impact
    high

Description

NSS has shown timing differences when performing DSA signatures, which was
exploitable and could eventually leak private keys.

References

  o Bug 1631576

# CVE-2020-12405: Use-after-free in SharedWorkerService

Reporter
    Marcin 'Icewall' Noga of Cisco Talos
Impact
    high

Description

When browsing a malicious page, a race condition in our SharedWorkerService
could occur and lead to a potentially exploitable crash.

References

  o Bug 1631618

# CVE-2020-12406: JavaScript type confusion with NativeTypes

Reporter
    Iain Ireland
Impact
    high

Description

Mozilla Developer Iain Ireland discovered a missing type check during unboxed
objects removal, resulting in a crash. We presume that with enough effort that
it could be exploited to run arbitrary code.

References

  o Bug 1639590

# CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS
directive

Reporter
    Nicolas Silva
Impact
    moderate

Description

Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would
under certain conditions leak arbitrary GPU memory to the visible screen. The
leaked memory content was visible to the user, but not observable from web
content.

References

  o Bug 1637112

# CVE-2020-12408: URL spoofing when using IP addresses

Reporter
    Rayyan Bijoora
Impact
    low

Description

When browsing a document hosted on an IP address, an attacker could insert
certain characters to flip domain and path information in the address bar.

References

  o Bug 1623888

# CVE-2020-12409: URL spoofing with unicode characters

Reporter
    Rayyan Bijoora
Impact
    low

Description

When using certain blank characters in a URL, they where incorrectly rendered
as spaces instead of an encoded URL.

References

  o Bug 1629506

# CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

Reporter
    Mozilla developers
Impact
    high

Description

Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs
present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence
of memory corruption and we presume that with enough effort some of these could
have been exploited to run arbitrary code.

References

  o Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

# CVE-2020-12411: Memory safety bugs fixed in Firefox 77

Reporter
    Mozilla developers
Impact
    high

Description

Mozilla developers :Gijs (he/him), Randell Jesup reported memory safety bugs
present in Firefox 76. Some of these bugs showed evidence of memory corruption
and we presume that with enough effort some of these could have been exploited
to run arbitrary code.

References

  o Memory safety bugs fixed in Firefox 77

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXtbmteNLKJtyKPYoAQgX2w//VXS9l/T+3cc4FdYpZTh5E/c84ogGepy6
zvdREotQFRwoFULfsfW8JC+a2B6UcCvD6bBBNBf4/L7mbso2OT4+9aHI1ykcnxwv
apjEp0+VmApL9CUI7//tyOWe2E1U2qFTD0Gw6I+z+lX6hlwpNqufhcbl48jqP6ol
OZD4vq4j+fi/Dmyc9858PhrlUbHoHy7cSxfGljBNJOPrRQzld30D3exEV5fMnd3k
aqwVqd5wY/NOKyZqqdi6fnTKCASJ7mYR74hN0NzhOsH9Uil7RzeAaaY/Qeqf5Miq
VVlAd8YX6yDpsxedaO+cLPE/bYUnb7Mw/z9VvLxb4bsgwM1JO6+1NkytsdQxDkMv
MilwcH7WoizwSlzQ9iXU6+c03/F3kfXYDZ+9/z+FM10vwtjZkbo1DwSL1XAYAs5p
9rF0K5Q2ie4z4PUc+uezPSRzU89nucqdWRtKSKOTjvvkcHk63I73OHN//UPejKNn
SdtI48BwIY9oqrQFAlZXQUTZqjMK49BWP3BDRcIgbWpw+Nca0LE1BLulkeCfWpAy
PWJg6KInefEouYuKYeFp+cdLypA9NtUV+T7eyDMgE7cbVdvXImf3mDcG1lSSB7T4
et+TkJHj79bvsXve4bBtpZitUAF7QvaVSgtKLqdPL47BW08bQIYsduu9lrUFd2Z2
NYAi4gg0V44=
=9q8d
-----END PGP SIGNATURE-----