SB2021022318 - Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Published: February 23, 2021
Description
This security bulletin contains information about 10 security vulnerabilities.
1) Improperly implemented security check for standard (CVE-ID: CVE-2021-23969)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect implementation of W3C Content Security Policy. Under certain types of redirects Firefox incorrectly sets the source file to be the destination of the redirects. A remote attacker can gain knowledge of the destination URL.
2) Reachable Assertion (CVE-ID: CVE-2021-23970)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a reachable assertion in multithreaded wasm code, when validating separation of script domains. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger an assertion failure and bypass implemented security restrictions.
3) Improperly implemented security check for standard (CVE-ID: CVE-2021-23968)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect implementation of W3C Content Security Policy. If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report, as opposed to the original frame URI. A remote attacker can gain knowledge of sensitive information contained in such URIs.
4) Cross-site scripting (CVE-ID: CVE-2021-23974)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The DOMParser API did not properly process <noscript> elements for escaping. A remote attacker can bypass HTML Sanitizer and perform XSS attacks.
5) Security features bypass (CVE-ID: CVE-2021-23971)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when processing a redirect with a conflicting Referrer-Policy. The browser adopts the redirect's Referrer-Policy, which may result in disclosure of more information than intended by the original origin.
6) Spoofing attack (CVE-ID: CVE-2021-23972)
The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to incorrect processing of cached redirects with HTTP authentication. A remote attacker can force the browser not to display a phishing warning dialog, if the malicious website was previously cached by the browser.
7) Resource management error (CVE-ID: CVE-2021-23975)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked, the browser called the sizeof function instead of using the API method that checks for invalid pointers.
8) Information disclosure (CVE-ID: CVE-2021-23973)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output via a decoding error, when trying to load a cross-origin resource in an audio/video context. A remote attacker can gain access to information about the resource.
9) Buffer overflow (CVE-ID: CVE-2021-23978)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
10) Buffer overflow (CVE-ID: CVE-2021-23979)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Remediation
Install the update from the vendor's website.