SB2021060118 - Multiple vulnerabilities in Mozilla Firefox




Published: June 1, 2021

Security Bulletin ID: SB2021060118
Severity: High
Patch available: YES
Number of vulnerabilities: 9
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 22% Medium 44% Low 33%

Description

This security bulletin contains information about 9 security vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2021-29964)

The vulnerability allows a local application to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition. A locally installed hostile program could send WM_COPYDATA messages that Firefox would process incorrectly, resulting in an out-of-bounds read.

Note, the vulnerability affects Windows installations only.


2) Buffer overflow (CVE-ID: CVE-2021-29967)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


3) Buffer overflow (CVE-ID: CVE-2021-29966)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


4) Spoofing attack (CVE-ID: CVE-2021-29965)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager into suggesting passwords for the currently active website instead of the website that triggered the dialog.


5) Information disclosure (CVE-ID: CVE-2021-29960)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to the way Firefox caches the last filename used for printing a file. Firefox usually suggests the web page title. The caching and suggestion techniques combined may have led to the title of a website visited during private browsing mode being stored on disk.


6) Spoofing attack (CVE-ID: CVE-2021-29961)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect rendering of an oversized <select> element. A remote attacker can spoof page content.


7) Information disclosure (CVE-ID: CVE-2021-29963)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because address bar search suggestions in private browsing mode re-use session data from normal mode. A remote website can identify the user using the suggested session data.


8) Security restrictions bypass (CVE-ID: CVE-2021-29959)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way the user is prompted when a website requests access to the microphone and camera. When a user has already allowed a website to access the microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera.


9) Resource management error (CVE-ID: CVE-2021-29962)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when processing multiple popups. A remote attacker can create a specially crafted webpage that opens multiple popups, which would make Firefox for Android unstable and hard to recover.


Remediation

Install the update from the vendor's website.