CVE-2020-12405

Summary

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 68.9.0affected
MozillaFirefoxunspecified < 77affected
MozillaFirefox ESRunspecified < 68.9affected

Weaknesses

  • Use-after-free in SharedWorkerService

ADP Enrichment

CVE Program Container

Additional References

References