CVE-2020-15657
CVE-2020-15657
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
10 ago 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Referências
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1644954https://www.mozilla.org/security/advisories/mfsa2020-30/https://www.mozilla.org/security/advisories/mfsa2020-32/https://www.mozilla.org/security/advisories/mfsa2020-33/