Mozilla Products Multiple Vulnerabilities
Last Update Date:
15 Oct 2021
Release Date:
6 Oct 2021
5630
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products, a remote attacker could exploit some of these vulnerabilities to trigger spoofing, remote code execution, denial of service condition, security restriction bypass and sensitive information disclosure on the targeted system.
[Updated on 2021-10-15]
1. Added Security Restriction Bypass and Information Disclosure in the "Impact";
2. Added Thunderbird in the "System / Technologies affected";
3. Added CVE-2021-38499 and CVE-2021-38502 in the "Vulnerability Identifier"
4. Added links related to Thunderbird Vulnerabilities to the "Related Link"
Impact
- Denial of Service
- Remote Code Execution
- Spoofing
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
Versions prior to:
- Firefox 93
- Firefox ESR 91.2
- Firefox ESR 78.15
- Thunderbird 78.15
- Thunderbird 91.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 93
- Firefox ESR 91.2
- Firefox ESR 78.15
- Thunderbird 78.15
- Thunderbird 91.2
Vulnerability Identifier
- CVE-2021-32810
- CVE-2021-38496
- CVE-2021-38497
- CVE-2021-38498
- CVE-2021-38499
- CVE-2021-38500
- CVE-2021-38501
- CVE-2021-38502
Source
Related Link
- https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/
- https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/
- https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/
- https://www.mozilla.org/en-US/security/advisories/mfsa2021-46/
- https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/
- https://www.auscert.org.au/bulletins/ESB-2021.3401
Related Tags
Share with