CVE-2020-15669

Summary

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.12 and Thunderbird < 68.12.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 68.12affected
MozillaThunderbirdunspecified < 68.12affected

Weaknesses

  • Use-After-Free when aborting an operation

ADP Enrichment

CVE Program Container

Additional References

References