CVE-2020-12407 Information

Description

Mozilla Developer Nicolas Silva found that when using WebRender Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user but not observable from web content. This vulnerability affects Firefox 77.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1637112 https://www.mozilla.org/security/advisories/mfsa2020-20/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5