Skip to main content

Mozilla Products Multiple Vulnerabilities

Last Update Date: 15 Oct 2021 Release Date: 6 Oct 2021 5630 Views

RISK: Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers
Multiple vulnerabilities were identified in Mozilla Products, a remote attacker could exploit some of these vulnerabilities to trigger spoofing, remote code execution, denial of service condition, security restriction bypass and sensitive information disclosure on the targeted system.
 

[Updated on 2021-10-15]  

1.  Added Security Restriction Bypass and Information Disclosure in the "Impact";
2. Added Thunderbird in the "System / Technologies affected";
3. Added CVE-2021-38499 and CVE-2021-38502 in the "Vulnerability Identifier"
4. Added links related to Thunderbird Vulnerabilities to the "Related Link"


Impact

  • Denial of Service
  • Remote Code Execution
  • Spoofing
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

Versions prior to:

 

  •  Firefox 93
  •  Firefox ESR 91.2
  •  Firefox ESR 78.15
  • Thunderbird 78.15
  • Thunderbird 91.2

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  •  Firefox 93
  •  Firefox ESR 91.2
  •  Firefox ESR 78.15
  • Thunderbird 78.15
  • Thunderbird 91.2

Vulnerability Identifier


Source


Related Link