Описание
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, perform cross-site scripting attack, obtain sensitive information, cause denial of service, bypass security restrictions, execute arbitrary code.
Below is a complete list of vulnerabilities:
- Security UI vulnerability can be exploited to spoof user interface.
- Cross-site scripting (XSS) vulnerability for Android can be exploited to perform cross-site scripting attack.
- Information disclosure vulnerability in XMLHttpRequest can be exploited to obtain sensitive information.
- Denial of service vulnerability in Location API can be exploited to cause denial of service.
- Information disclosure vulnerability in asynchronous function can be exploited to obtain sensitive information.
- Security bypass vulnerability in CSP sandbox directive can be exploited to bypass security restrictions.
- Heap buffer overflow vulnerability in structured clone can be exploited to cause denial of service.
- Use after free vulnerability in GC can be exploited to cause denial of service.
- Security UI vulnerability in full screen and pointer lock can be exploited to spoof user interface.
- Security UI vulnerability in cursor can be exploited to spoof user interface.
- Security bypass vulnerability in WebExtensions can be exploited to bypass security restrictions.
- Use after free vulnerability in fullscreen objects on MacOS can be exploited to cause denial of service.
- Memory safety vulnerability can be exploited to execute arbitrary code.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2021-43541 warning
- CVE-2021-43544 warning
- CVE-2021-43542 warning
- CVE-2021-43545 warning
- CVE-2021-43536 warning
- CVE-2021-43543 warning
- CVE-2021-43537 high
- CVE-2021-43539 high
- CVE-2021-43538 warning
- CVE-2021-43546 warning
- CVE-2021-43540 warning
- CVE-2021-4128 warning
- CVE-2021-4129 warning
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!