CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29951 – Mozilla Windows Maintenance Service Weak DACL
https://notcve.org/view.php?id=CVE-2021-29951
11 May 2021 — The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderb... • https://packetstorm.news/files/id/162522 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-29950 – Mozilla: Logic issue potentially leaves key material unlocked
https://notcve.org/view.php?id=CVE-2021-29950
06 May 2021 — Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1. Thunderbird desprotege una clave secreta OpenPGP antes de usarla para una tarea de descifrado, firma o importación de claves. Si la tarea ejecuta un fallo, la clave secreta puede permanecer en la memoria en su estado desprotegido. • https://bugzilla.mozilla.org/show_bug.cgi?id=1673239 • CWE-312: Cleartext Storage of Sensitive Information CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29949 – Mozilla: Thunderbird might execute an alternative OTR library
https://notcve.org/view.php?id=CVE-2021-29949
28 Apr 2021 — When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1. Cuando se carga la... • https://bugzilla.mozilla.org/show_bug.cgi?id=1682101 • CWE-426: Untrusted Search Path CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29946 – Mozilla: Port blocking could be bypassed
https://notcve.org/view.php?id=CVE-2021-29946
26 Apr 2021 — Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Los puertos que se escribieron como un desbordamiento de enteros por encima de los límites de un entero de 16 bits podrían haber omitido las restricciones de bloqueo de puertos cuando se usaron en la cabecera Alt-Svc. Esta vulnerabilidad afecta a Firefox ESR ve... • https://bugzilla.mozilla.org/show_bug.cgi?id=1698503 • CWE-190: Integer Overflow or Wraparound •
CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-29948 – Mozilla: Race condition when reading from disk while verifying signatures
https://notcve.org/view.php?id=CVE-2021-29948
26 Apr 2021 — Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10. Las firmas son escritas en el disco antes y se leen durante la verificación, lo que podría estar sujeto a una condición de carrera cuando un proceso local malicioso o un usuario está reemplazando el archivo. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 78.10 USN-4995-1 fi... • https://bugzilla.mozilla.org/show_bug.cgi?id=1692899 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-23995 – Mozilla: Use-after-free in Responsive Design Mode
https://notcve.org/view.php?id=CVE-2021-23995
26 Apr 2021 — When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Cuando se habilitó el Modo de Diseño Responsivo, se usaron referencias a objetos que fueron liberados previamente. Presumimos que con suficiente esfuerzo esto podría haber sido explotado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/show_bug.cgi?id=1699835 • CWE-416: Use After Free CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-23999 – Mozilla: Blob URLs may have been granted additional privileges
https://notcve.org/view.php?id=CVE-2021-23999
26 Apr 2021 — If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Si una URL Blob se cargó mediante alguna interacción inusual del usuario, podría haber sido cargada por el Principal del Sistema y conceder privilegios adicionales que no deberían concederse al contenido web. Esta vulnerabilidad afect... • https://bugzilla.mozilla.org/show_bug.cgi?id=1691153 • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions CWE-697: Incorrect Comparison •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-23998 – Mozilla: Secure Lock icon could have been spoofed
https://notcve.org/view.php?id=CVE-2021-23998
26 Apr 2021 — Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Mediante navegaciones complicadas con nuevas ventanas, una página HTTP podría haber heredado un icono de bloqueo seguro de una página HTTPS. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 78.10, Thunderbird versiones anteriores a 78.10 y Firefox versiones anteriores a 88 Multiple secu... • https://bugzilla.mozilla.org/show_bug.cgi?id=1667456 • CWE-281: Improper Preservation of Permissions CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-24002 – Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL
https://notcve.org/view.php?id=CVE-2021-24002
26 Apr 2021 — When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Cuando un usuario hacía clic en una URL de FTP conteniendo caracteres de nueva línea codificados (%0A y %0D), las nuevas líneas se interpretaban como tales y permitían que comandos arbitrarios fueran enviados al servidor FTP. Es... • https://bugzilla.mozilla.org/show_bug.cgi?id=1702374 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29945 – Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads
https://notcve.org/view.php?id=CVE-2021-29945
26 Apr 2021 — The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. El JIT de WebAssembly podía calcular mal el tamaño de un tipo de retorno, lo que podía conllevar a una lectura nula y resultar en un bloqueo. • https://bugzilla.mozilla.org/show_bug.cgi?id=1700690 • CWE-476: NULL Pointer Dereference CWE-682: Incorrect Calculation •