Mozilla fixes a critical vulnerability in Firefox 84.0.2 and Firefox ESR 78.6.1

Mozilla fixes a critical vulnerability in Firefox 84.0.2 and Firefox ESR 78.6.1

Hello everyone,


Mozilla has fixed a critical security vulnerability in Firefox 84.0.2 and Firefox ESR 78.6.1. The details of the vulnerability are as follows:

 CVE ID Vulnerability Severity
 CVE-2020-16044 Use-after-free write when handling a   malicious COOKIE-ECHO SCTP chunk Critical 

To patch this vulnerability, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server and search for the following Patch IDs or Bulletin ID. Select the relevant patch and deploy them to your target systems

 Patch ID Bulletin ID Patch Description
 317792 TU-027 Mozilla Firefox (84.0.2)
 317793 TU-027 Mozilla Firefox (x64) (84.0.2)
 317794 TU-054 Mozilla Firefox ESR (78.6.1)
 317795 TU-054 Mozilla Firefox ESR (x64) (78.6.1)

Cheers,

The ManageEngine team