SB2021032312 - Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021032312

SB2021032312 - Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Published: March 23, 2021

Security Bulletin ID SB2021032312
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 38% Medium 38% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2021-23981)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition during texture upload of a Pixel Buffer Object in WebGL. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.


2) Information disclosure (CVE-ID: CVE-2021-23982)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the way Firefox handles requests to internal hosts. Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections.


3) Buffer overflow (CVE-ID: CVE-2021-23983)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing transitions for invalid "::marker" properties by causing a transition on a parent node by removing a CSS rule. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Spoofing attack (CVE-ID: CVE-2021-23984)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials.


5) Security restrictions bypass (CVE-ID: CVE-2021-23985)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to application does not properly impose security restrictions. If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a direct network connection to the victim) to monitor the user's browsing activity and (plaintext) network traffic. This was addressed by providing a visual cue when Devtools has an open network socket.


6) Security restrictions bypass (CVE-ID: CVE-2021-23986)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to application does not properly impose security restrictions. A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication.


7) Buffer overflow (CVE-ID: CVE-2021-23987)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


8) Buffer overflow (CVE-ID: CVE-2021-23988)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References