Marcin “Icewall” Noga, researcher from Cisco
Talos, found a vulnerability (CVE-2020-12405) in Mozilla’s SharedWorkerService.
This flaw, if exploited, allows attackers to remotely execute code on the
victim’s machine through a use-after-free vulnerability. To trigger this
vulnerability user needs to visit a malicious web site resulting remote code
execution. Mozilla and Cisco Talos are working together to make sure a flaw is
fixed.
No comments:
Post a Comment