Hello everyone,
CVE ID | Vulnerability | Severity |
CVE-2020-15652 | Potential leak of redirect targets when loading scripts in a worker | High |
CVE-2020-6514 | WebRTC data channel leaks internal address to peer | High |
CVE-2020-15655 | Extension APIs could be used to bypass Same-Origin Policy | High |
CVE-2020-15653 | Bypassing iframe sandbox when allowing popups | Moderate |
CVE-2020-6463 | Use-after-free in ANGLE | Moderate |
CVE-2020-15656 | Type confusion for special arguments in IonMonkey | Moderate |
CVE-2020-15658 | Overriding file type when saving to disk | Low |
CVE-2020-15657 | DLL hijacking due to incorrect loading path | Low |
CVE-2020-15654 | Custom cursor can overlay user interface | Low |
CVE-2020-15659 | Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 | High |
To fix these vulnerabilities, initiate a sync between the Patch Manager Plus server and the Central Patch Repository. Search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
Patch ID | Bulletin ID | Patch description |
315260 | TU-027 | Mozilla Firefox (79.0) |
315261 | TU-027 | Mozilla Firefox (x64) (79.0) |
315248 | TU-054 | Mozilla Firefox ESR (68.11.0) |
315249 | TU-054 | Mozilla Firefox ESR (x64) (68.11.0) |
Cheers,