Abraruddin Khan

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 96.0.4664.93 Microsoft Edge (affected versions not specified) **Description** The issue is related to a heap buffer overflow in the ANGLE library, which can be exploited by a remote attacker via a crafted HTML page, potentially leading to heap corruption. This could allow the attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Google Chrome versions prior to 96.0.4664.93, update to version 96.0.4664.93 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 78.10 Thunderbird versions prior to 78.10 Firefox versions prior to 88 Description: The issue is related to a WebGL component, specifically a framebuffer that was not initialized early enough, resulting in memory corruption and an out of bounds write. This can lead to arbitrary code execution by a remote attacker. Recommendations: For Firefox ESR versions prior to 78.10, update to version 78.10 or later. For Thunderbird versions prior to 78.10, update to version 78.10 or later. For Firefox versions prior to 88, update to version 88 or later.

Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 78.9 Firefox versions prior to 87 Thunderbird versions prior to 78.9 Description: A texture upload of a Pixel Buffer Object could confuse the WebGL code, leading to memory corruption and potentially causing an information leak or crash. Recommendations: For Firefox ESR versions prior to 78.9, update to version 78.9 or later. For Firefox versions prior to 87, update to version 87 or later. For Thunderbird versions prior to 78.9, update to version 78.9 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 84 Thunderbird versions prior to 78.6 Firefox ESR versions prior to 78.6 **Description** The issue arises from certain blit values provided by the user not being properly constrained, leading to a heap buffer overflow on some video drivers. **Recommendations** For Firefox versions prior to 84, update to version 84 or later. For Thunderbird versions prior to 78.6, update to version 78.6 or later. For Firefox ESR versions prior to 78.6, update to version 78.6 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Thunderbird versions prior to 78.9 Mozilla Firefox ESR versions prior to 78.9 **Description** The issue is related to an out-of-date graphics library, Angle, which may contain vulnerabilities. It is associated with insufficient input validation in the ANGLE library of Mozilla Firefox ESR and the Thunderbird email client. Exploitation of this issue could allow a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For Mozilla Thunderbird versions prior to 78.9, update to version 78.9 or later. For Mozilla Firefox ESR versions prior to 78.9, update to version 78.9 or later.