{"vulnerability": "CVE-2020-26950", "sightings": [{"uuid": "9bff4815-3725-43a1-a08e-3235a528916e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "5ef5a294-d0ea-40ab-8ea6-7cc7efc8f73e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:27.000000Z"}, {"uuid": "72dc4880-a788-46e7-b4db-2474d841b3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/firefox_jit_use_after_free.rb", "content": "", "creation_timestamp": "2022-02-28T20:58:50.000000Z"}, {"uuid": "64fef903-e95d-4982-8f66-20aa4f4267eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3004", "content": "\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043f\u043e\u0441\u0442 \u0441 \u0440\u0430\u0437\u0431\u043e\u0440\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041d\u0435 \u0432\u0441\u0451 \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u043d\u043e \u043e\u0447\u0435\u043d\u044c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e.\n\nFirefox JIT Use-After-Frees | Exploiting CVE-2020-26950\nhttps://www.sentinelone.com/labs/firefox-jit-use-after-frees-exploiting-cve-2020-26950/\n+\nhttps://twitter.com/maxpl0it/status/1489283212786475008\n\n\u0417\u0430 \u0441\u0441\u044b\u043b\u043a\u0443 \u0441\u043f\u0430\u0441\u0438\u0431\u043e @oleg_log", "creation_timestamp": "2022-02-07T01:27:55.000000Z"}, {"uuid": "d86b2620-b34d-4565-994d-fb008cddf755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "published-proof-of-concept", "source": "Telegram/btm5SLvUOoyhagAz9qWDZIMUnhAODnwsBlwYthgMl24Nat56", "content": "", "creation_timestamp": "2022-02-03T19:29:25.000000Z"}, {"uuid": "94b3c9c2-f145-45a2-b2c8-b862109755c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17709", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T16:02:04.000000Z"}, {"uuid": "fcde358b-d0e7-4557-8ac7-7cbb93d42989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17612", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T13:25:16.000000Z"}, {"uuid": "52d53fd9-4206-4024-b482-69a9a9c45f6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17747", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T16:22:33.000000Z"}, {"uuid": "1b2c000a-605d-4101-8b3d-ccf252ebf8b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17517", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T10:25:20.000000Z"}, {"uuid": "bf8be2e1-aa8c-403c-9f50-c8cbc4a18d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17767", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T16:25:15.000000Z"}, {"uuid": "7d69aab6-e0c5-4052-b0b3-2eadd5a94e2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17728", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T16:05:05.000000Z"}, {"uuid": "1b4ace2b-017a-4e16-8812-94393f808b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17690", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T15:31:15.000000Z"}, {"uuid": "d237dea6-fdf8-4161-a6e6-7c959ef37e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17670", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T15:25:10.000000Z"}, {"uuid": "0f6e7394-4587-4ea9-9f7a-8cbe25c4d879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17650", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T15:22:33.000000Z"}, {"uuid": "1da4b996-3aad-48d7-b895-7969398af5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17632", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T14:25:11.000000Z"}, {"uuid": "35a7d366-413b-4903-8324-10dd98c5c82b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17592", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T12:41:04.000000Z"}, {"uuid": "3691d1e0-50bc-43e1-83f3-815ed03db20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17557", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T12:25:17.000000Z"}, {"uuid": "da021b7a-ae1f-49ff-abf8-930a4bd2ef0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17572", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T12:32:09.000000Z"}, {"uuid": "0d765c67-f571-4106-9f92-fa5aa128562e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17477", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T08:25:25.000000Z"}, {"uuid": "ad7d520e-e3cb-4aef-8ce6-f2c4828dff92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17537", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T11:25:20.000000Z"}, {"uuid": "28f1a8dd-92e8-43f7-af28-3edea453f62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/cibsecurity/17497", "content": "\u203c CVE-2020-26950 \u203c\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T09:25:32.000000Z"}, {"uuid": "9bf53a6a-2d86-4f6a-bd5a-cb5089346057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "seen", "source": "https://t.me/information_security_channel/41580", "content": "Vulnerabilities Exploited at Chinese Hacking Contest Patched in Firefox, Chrome\nhttp://feedproxy.google.com/~r/Securityweek/~3/hP13HG40N-I/vulnerabilities-exploited-chinese-hacking-contest-patched-firefox-chrome\n\nMozilla and Google have already patched the critical Firefox and Chrome vulnerabilities exploited recently by white hat hackers at a competition in China.\nThe Firefox vulnerability, tracked as CVE-2020-26950, has been described as an issue related to write side effects in MCallGetProperty opcode not being accounted for.\nread more (https://www.securityweek.com/vulnerabilities-exploited-chinese-hacking-contest-patched-firefox-chrome)", "creation_timestamp": "2020-11-11T15:07:50.000000Z"}, {"uuid": "9fc86ad5-23b4-45ff-b9b2-aba203d21890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26950", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5392", "content": "#Threat_Research\n1. Firefox JIT Use-After-Frees:\nExploiting CVE-2020-26950\nhttps://www.sentinelone.com/labs/firefox-jit-use-after-frees-exploiting-cve-2020-26950\n2. A walk through Project Zero metrics:\nBug fix time 2019-2021\nhttps://googleprojectzero.blogspot.com/2022/02/a-walk-through-project-zero-metrics.html", "creation_timestamp": "2022-02-11T11:04:01.000000Z"}]}