» 2021 » 2월

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.

Source: CVE-2021-23977

CVE-2021-23963

Posted on 2021년 2월 26일2021년 2월 26일 by admin

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.

Source: CVE-2021-23963

CVE-2021-23962

Posted on 2021년 2월 26일2021년 2월 26일 by admin

CVE-2021-23962

Incorrect use of the ‘<RowCountChanged>’ method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.

Source: CVE-2021-23962

CVE-2021-23953

Posted on 2021년 2월 26일2021년 2월 26일 by admin

CVE-2021-23953

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

Source: CVE-2021-23953

CVE-2021-23954

Posted on 2021년 2월 26일2021년 2월 26일 by admin

CVE-2021-23954

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

Source: CVE-2021-23954