Multiple vulnerabilities in Mozilla Firefox



Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2021-29970
CVE-2021-29971
CVE-2021-29972
CVE-2021-29973
CVE-2021-29974
CVE-2021-29975
CVE-2021-29976
CVE-2021-29977
CVE-2021-30547
CWE-ID CWE-416
CWE-264
CWE-451
CWE-119
CWE-787
Exploitation vector Network
Public exploit N/A
Vulnerable software
Mozilla Firefox
Client/Desktop applications / Web browsers

Firefox ESR
Client/Desktop applications / Web browsers

Firefox for Android
Mobile applications / Apps for mobile phones

Vendor Mozilla

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU54678

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29970

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in accessibility features when processing HTML content. A remote attacker can track the victim to open a specially crafted web page, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 6.0.2 - 89.0.2

Firefox ESR: 60.0 - 78.11.0

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/
http://www.mozilla.org/en-US/security/advisories/mfsa2021-29/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Security restrictions bypass

EUVDB-ID: #VU54680

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29971

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions. If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Firefox for Android: 80.1.2 - 89.1.1

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU54681

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29972

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in an outdated Cairo library. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 80.0 - 89.0.2

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Security restrictions bypass

EUVDB-ID: #VU54682

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29973

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to password autofill is enabled without user interaction on insecure websites on Firefox for Android. A remote attacker can trick the victim to visit an attacker-controlled website and obtain victim's credentials.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Firefox for Android: 80.1.2 - 89.1.1

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security restrictions bypass

EUVDB-ID: #VU54683

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29974

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to application allows to override HSTS error, when network partitioning was enabled. As a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 80.0 - 89.0.2

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Spoofing attack

EUVDB-ID: #VU54684

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29975

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 80.0 - 89.0.2

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU54679

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29976

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 60.0 - 89.0.2

Firefox ESR: 60.0 - 78.11.0

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/
http://www.mozilla.org/en-US/security/advisories/mfsa2021-29/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

EUVDB-ID: #VU54685

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-29977

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 80.0 - 89.0.2

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU54002

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30547

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted HTML content in ANGLE. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Mozilla Firefox: 80.0 - 89.0.2

CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2021-28/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###