Multiple vulnerabilities in Mozilla Firefox

Description

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A vulnerability in 3D CSS can be exploited to spoof user interface;
2. A memory corruption vulnerability can be exploited to execute arbitrary code;
3. Memory corruption and vulnerability can be exploited to cause denial of service;
4. A vulnerability related to session history can be exploited to security bypass restrictions;
5. A integer overflow vulnerability can be exploited to security bypass restrictions;
6. A race condition vulnerability in requestPointerLock() can be exploited to obtain sensitive information;
7. A use-after-free vulnerability can be exploited to execute arbitrary code;
8. A Null read vulnerability related to WebAssembly JIT can be exploited to cause denial of service;
9. A vulnerability related to secure lock icon can be exploited to spoof user interface;
10. A HTML injection vulnerability can be exploited to execute arbitrary code;
11. A vulnerability related to FTP URL can be exploited to execute arbitrary code;
12. A memory safety vulnerability related to Responsive Design Mode can be exploited to execute arbitrary code;
13. Elevation of privilege vulnerability related to Blob URL can be exploited to gain privileges;

Fiches de renseignement originales

• mfsa2021-16

Exploitation

Public exploits exist for this vulnerability.

Produits associés

• Mozilla-Firefox

Liste CVE

• CVE-2021-23994
  critical
• CVE-2021-29946
  critical
• CVE-2021-29945
  high
• CVE-2021-24002
  critical
• CVE-2021-23998
  high
• CVE-2021-23995
  critical
• CVE-2021-23999
  critical
• CVE-2021-23996
  high
• CVE-2021-29947
  critical
• CVE-2021-24001
  warning
• CVE-2021-24000
  warning
• CVE-2021-23997
  critical
• CVE-2021-29944
  high

En savoir plus

Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com