1. Home
  2. Security Advisories
  3. Mozilla
  4. MFSA-2020-49

[MFSA-2020-49] Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2

Severity Critical
Affected Packages 3
Fixed Packages 3
CVEs 1
Info Packages References Vulnerabilities
  • CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for (critical) In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition.
Package Affected Version
pkg:mozilla/Thunderbird < 78.4.2
pkg:mozilla/Firefox%20ESR < 78.4.1
pkg:mozilla/Firefox < 82.0.3
Package Fixed Version
pkg:mozilla/Thunderbird = 78.4.2
pkg:mozilla/Firefox%20ESR = 78.4.1
pkg:mozilla/Firefox = 82.0.3
ID
MFSA-2020-49
Severity
critical
URL
https://www.mozilla.org/en-US/security/advisories/mfsa2020-49
Published
2020-11-09T00:00:00
(3 years ago)
Modified
2020-11-09T00:00:00
(3 years ago)
Other Advisories
Source # ID Name URL
Bugzilla 1675905 https://bugzilla.mozilla.org/show_bug.cgi?id=1675905
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:mozilla/Thunderbird Thunderbird < 78.4.2
Fixed pkg:mozilla/Thunderbird Thunderbird = 78.4.2
Affected pkg:mozilla/Firefox%20ESR Firefox ESR < 78.4.1
Fixed pkg:mozilla/Firefox%20ESR Firefox ESR = 78.4.1
Affected pkg:mozilla/Firefox Firefox < 82.0.3
Fixed pkg:mozilla/Firefox Firefox = 82.0.3
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date