
Firefox remote code execution vulnerability notice

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article presents a security notice on two Firefox remote code execution vulnerabilities, covering the background, a vulnerability summary, an assessment of the impact, and the recommended fix.

Document information

No.: QianxinTI-SV-2020-0012
Keywords: Firefox, nsDocShell, ReadableStream, CVE-2020-6819, CVE-2020-6820
Release date: April 4, 2020
Update date: April 4, 2020
TLP: WHITE
Analysis team: Qianxin Threat Intelligence Center, Red Raindrop team

Announcement background

On April 3, 2020, Mozilla revealed in its security notice that it had fixed two 0day vulnerabilities in the Firefox browser that were being exploited in the wild (CVE-2020-6819 and CVE-2020-6820).

The Red Raindrop team of the Qianxin Threat Intelligence Center immediately followed up on these two vulnerabilities. The following can be seen from the announcement published by Mozilla.

CVE-2020-6819 is a use-after-free (UAF) vulnerability caused by a race condition when the browser runs the nsDocShell destructor, while CVE-2020-6820 is a UAF vulnerability caused by a race condition when the browser handles a ReadableStream. It is worth noting that Mozilla indicates that targeted attacks exploiting these two vulnerabilities have been found, so they were most likely 0days at the time they were exploited. With the release of the patch, the relevant technical details may be studied and lead to a wider range of attacks.

Vulnerability summary

Vulnerability name: Firefox browser vulnerabilities CVE-2020-6819 / CVE-2020-6820
Threat type: Remote code execution
Threat level: Serious
Vulnerability ID: CVE-2020-6819, CVE-2020-6820
Exploitation scenario: A user is induced to open a page containing exploit code for these vulnerabilities, which leads to code execution and gives the attacker control of the victim's machine.
Affected systems and application versions: No specific affected versions are given. It is recommended to upgrade to Firefox 74.0.1 or Firefox ESR 68.6.1.

Vulnerability description

The two vulnerabilities, CVE-2020-6819 and CVE-2020-6820, are UAF vulnerabilities caused by race conditions when the browser handles the nsDocShell destructor and a ReadableStream, respectively.

Impact area assessment

As can be seen from the security notice, the vulnerabilities have been fixed in Firefox 74.0.1 and Firefox ESR 68.6.1. Firefox has a large user base (a 7% market share according to NetMarketShare statistics) and the vulnerabilities have been exploited in the wild, so users are advised to upgrade to the latest version.

Disposal suggestions

Repair method

1. At present, the software vendor has fixed these vulnerabilities, and users are advised to upgrade their browsers to Firefox 74.0.1 or Firefox ESR 68.6.1.
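To apply the upgrade advice above across many machines, the following added example (not part of the original notice or of Mozilla's tooling) triages an inventory of installed Firefox versions against the two fixed versions. It assumes version text in the form printed by `firefox --version`, with ESR builds carrying an `esr` suffix; host names and sample values are constructed. Because the notice gives no affected version range, the result is only "at or above the fixed version" versus "needs upgrade".

```python
import re

# Fixed versions stated in the notice, per release channel.
FIXED = {"release": (74, 0, 1), "esr": (68, 6, 1)}

# Assumed input shape: "Mozilla Firefox 74.0.1" or "Mozilla Firefox 68.6.0esr".
# Pre-release suffixes (for example "75.0b3") deliberately do not match, because
# the notice names no fixed beta build; such hosts are reported as "unknown".
_VERSION = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(esr)?\s*$")


def parse(version_text):
    """Return (channel, (major, minor, patch)) or None if unparsable."""
    m = _VERSION.search(version_text.strip())
    if not m:
        return None
    major, minor, patch, suffix = m.groups()
    channel = "esr" if suffix == "esr" else "release"
    return channel, (int(major), int(minor), int(patch or 0))


def triage(version_text):
    """Classify one installation against the notice's fixed versions."""
    parsed = parse(version_text)
    if parsed is None:
        return "unknown"  # flag for manual review, never assume patched
    channel, version = parsed
    return "ok" if version >= FIXED[channel] else "upgrade"


def report(inventory):
    """Map host -> triage result for a {host: version_text} inventory."""
    return {host: triage(text) for host, text in inventory.items()}


# Constructed sample inventory (hypothetical hosts and values).
SAMPLE = {
    "ws-01": "Mozilla Firefox 74.0.1",
    "ws-02": "Mozilla Firefox 74.0",
    "ws-03": "Mozilla Firefox 68.6.0esr",
    "ws-04": "Mozilla Firefox 68.6.1esr",
    "ws-05": "Mozilla Firefox 68.0.2",  # release channel, not ESR
    "ws-06": "firefox: command not found",
}

if __name__ == "__main__":
    for host, result in report(SAMPLE).items():
        print(f"{host}: {result}")
```

A release-channel build numbered 68.x is compared against 74.0.1, not against the ESR fix, which is why `ws-05` is reported as needing an upgrade.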

That concludes the Firefox remote code execution vulnerability notice. If you have similar questions, refer to the analysis above. To learn more, follow the industry information channel.
