CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29967 – Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11
https://notcve.org/view.php?id=CVE-2021-29967
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Los desarrolladores de Mozilla han reportado bugs de seguridad de memoria presentes en Firefox versión 88 y Firefox ESR versión 78.11. Algunos de estos bugs mostraban evidencias de corrupción de memoria y presumimos que con el suficiente esfuerzo algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041 https://security.gentoo.org/glsa/202208-14 https://www.mozilla.org/security/advisories/mfsa2021-23 https://www.mozilla.org/security/advisories/mfsa2021-24 https://www.mozilla.org/security/advisories/mfsa2021-26 https://access.redhat.com/security/cve/CVE-2021-29967 https://bugzilla.redhat.com/show_bug.cgi?id=1966831 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29951 – Mozilla Windows Maintenance Service Weak DACL
https://notcve.org/view.php?id=CVE-2021-29951
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1, Firefox < 87, and Firefox ESR < 78.10.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1690062 https://www.mozilla.org/security/advisories/mfsa2021-10 https://www.mozilla.org/security/advisories/mfsa2021-18 https://www.mozilla.org/security/advisories/mfsa2021-19 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29945 – Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads
https://notcve.org/view.php?id=CVE-2021-29945
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. El JIT de WebAssembly podía calcular mal el tamaño de un tipo de retorno, lo que podía conllevar a una lectura nula y resultar en un bloqueo. • https://bugzilla.mozilla.org/show_bug.cgi?id=1700690 https://www.mozilla.org/security/advisories/mfsa2021-14 https://www.mozilla.org/security/advisories/mfsa2021-15 https://www.mozilla.org/security/advisories/mfsa2021-16 https://access.redhat.com/security/cve/CVE-2021-29945 https://bugzilla.redhat.com/show_bug.cgi?id=1951370 • CWE-476: NULL Pointer Dereference CWE-682: Incorrect Calculation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29946 – Mozilla: Port blocking could be bypassed
https://notcve.org/view.php?id=CVE-2021-29946
Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Los puertos que se escribieron como un desbordamiento de enteros por encima de los límites de un entero de 16 bits podrían haber omitido las restricciones de bloqueo de puertos cuando se usaron en la cabecera Alt-Svc. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 78.10, Thunderbird versiones anteriores a 78.10 y Firefox versiones anteriores a 88 • https://bugzilla.mozilla.org/show_bug.cgi?id=1698503 https://www.mozilla.org/security/advisories/mfsa2021-14 https://www.mozilla.org/security/advisories/mfsa2021-15 https://www.mozilla.org/security/advisories/mfsa2021-16 https://access.redhat.com/security/cve/CVE-2021-29946 https://bugzilla.redhat.com/show_bug.cgi?id=1951371 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-23994 – Mozilla: Out of bound write due to lazy initialization
https://notcve.org/view.php?id=CVE-2021-23994
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Un framebuffer de WebGL no se inicializaba con suficiente antelación, resultando en una corrupción de memoria y una escritura fuera de límites. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 78.10, Thunderbird versiones anteriores a 78.10 y Firefox versiones anteriores a 88 • https://bugzilla.mozilla.org/show_bug.cgi?id=1699077 https://www.mozilla.org/security/advisories/mfsa2021-14 https://www.mozilla.org/security/advisories/mfsa2021-15 https://www.mozilla.org/security/advisories/mfsa2021-16 https://access.redhat.com/security/cve/CVE-2021-23994 https://bugzilla.redhat.com/show_bug.cgi?id=1951364 • CWE-787: Out-of-bounds Write CWE-909: Missing Initialization of Resource •