CVE-2020-12417

Details

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. Note: this issue only affects Firefox on ARM64 platforms. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

Affected Packages

Firefox

Ubuntu 14.04 LTSUbuntu 16.04 LTSUbuntu 18.04 LTSUbuntu 20.04 LTSUbuntu 22.04 LTS

Fixed in:

78

Mozilla Firefox

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in:

78

Mozilla Firefox ESR

Windows 10 (1507)Windows 10 (1607) / Server 2016Windows 10 (1809) / Server 2019Windows 10 (1903)Windows 10 (1909)

Fixed in: