CVE-2020-26966

Summary

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. Note: This issue only affected Windows operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox< 83affected
MozillaFirefox ESR< 78.5affected
MozillaThunderbird< 78.5affected

Weaknesses

  • Single-word search queries were also broadcast to local network

ADP Enrichment

CVE Program Container

Additional References

References