USN-4893-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982,
CVE-2021-23983, CVE-2021-23987, CVE-2021-23988)

It was discovered that extensions could open popup windows with control
of the window title in some circumstances. If a user were tricked into
installing a specially crafted extension, an attacker could potentially
exploit this to spook a website and trick the user into providing
credentials. (CVE-2021-23984)

It was discovered that the DevTools remote debugging feature could be
enabled without an indication to the user. If a local attacker could
modify the browser configuration, a remote attacker could potentially
exploit this to obtain sensitive information. (CVE-2021-23985)

It was discovered that extensions could read the response of cross
origin requests in some circumstances. If a user were tricked into
installing a specially crafted extension, an attacker could potentially
exploit this to obtain sensitive information. (CVE-2021-23986)

Smash a Button
[Total: 0 Average: 0]
Get PDFPrint This
About Me: I'm just some retired dude with a little bit more free time on my hands. If you want to support the site, why not help yourself out too by ordering some inexpensive web hosting so that you can start your own site?


Author: Admin

I'm a retired mathematician that has a fondness for Linux and many (not all) things tech. I'm an old-school geek that just enjoys the life he has. I live in a very, very rural area of Maine.

Leave a Reply

Your email address will not be published. Required fields are marked *

Linux Tips

This work is licensed under a Creative Commons Attribution 4.0 International License.
SITEMAP
Exit mobile version