← volver
CVE-2020-12423

CVE-2020-12423

EPSS 0.4%
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.
Productos afectados
Mozilla · Firefox

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1642400https://www.mozilla.org/security/advisories/mfsa2020-24/