Kirtikumar Anandrao Ramchandani

Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 141 Description: Firefox for Android displayed URLs in the address bar by truncating the end of the URL instead of prioritizing the origin, potentially misleading users about the actual website they are visiting. Recommendations: Update Firefox for Android to version 141 or later.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 127 Firefox ESR versions prior to 115.12 Thunderbird versions prior to 115.12 Description: The issue is related to the Offscreen Canvas not properly tracking cross-origin tainting, potentially allowing access to image data from another site in violation of same-origin policy. This could be exploited by a remote attacker to bypass security restrictions. Recommendations: For Firefox versions prior to 127, update to version 127 or later to resolve the issue. For Firefox ESR versions prior to 115.12, update to version 115.12 or later to resolve the issue. For Thunderbird versions prior to 115.12, update to version 115.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 112.0.5615.49 **Description** The issue is related to a use after free in Vulkan, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could impact the confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 112.0.5615.49, update to version 112.0.5615.49 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox for Android versions prior to 111 **Description** The issue is related to the Intent mechanism in Mozilla Firefox for Android, which can be exploited by a remote attacker to download arbitrary files due to the lack of request execution when opening third-party applications. This vulnerability can expose users to unpatched vulnerabilities in Android applications launched from the browser using Intents. To mitigate this, Firefox now confirms with users before launching external applications. **Recommendations** For Firefox for Android versions prior to 111, update to version 111 or later to resolve the issue. As a temporary workaround, consider confirming each launch of an external application to minimize the risk of exploitation. Restrict access to unpatched Android applications to reduce the risk of vulnerabilities being exploited through the Intent mechanism.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 111.0.5563.64 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Autofill feature, allowing a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. This could be achieved by exploiting the vulnerability with a specially created HTML page. **Recommendations** For Google Chrome versions prior to 111.0.5563.64, update to version 111.0.5563.64 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 15.7.2 Apple iOS versions prior to 16.2 Apple iPadOS versions prior to 15.7.2 Apple iPadOS versions prior to 16.2 Apple macOS Ventura versions prior to 13.1 Apple tvOS versions prior to 16.2 Apple watchOS versions prior to 9.2 **Description** A spoofing issue existed in the handling of URLs, which was addressed with improved input validation. Visiting a website that frames malicious content may lead to UI spoofing. **Recommendations** For Apple iOS versions prior to 15.7.2, update to iOS 15.7.2 or later. For Apple iOS versions prior to 16.2, update to iOS 16.2 or later. For Apple iPadOS versions prior to 15.7.2, update to iPadOS 15.7.2 or later. For Apple iPadOS versions prior to 16.2, update to iPadOS 16.2 or later. For Apple macOS Ventura versions prior to 13.1, update to macOS Ventura 13.1 or later. For Apple tvOS versions prior to 16.2, update to tvOS 16.2 or later. For Apple watchOS versions prior to 9.2, update to watchOS 9.2 or later.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 16.2 tvOS versions prior to 16.2 iCloud for Windows versions prior to 14.1 iOS versions prior to 15.7.2 and 16.2 iPadOS versions prior to 15.7.2 and 16.2 macOS Ventura versions prior to 13.1 watchOS versions prior to 9.2 **Description** A logic issue was addressed with improved state management. Processing maliciously crafted web content may bypass Same Origin Policy. This issue is related to errors in state management in WebKitGTK and WPE WebKit modules, which can allow an attacker to impact data integrity. **Recommendations** For Safari versions prior to 16.2, update to Safari 16.2 or later. For tvOS versions prior to 16.2, update to tvOS 16.2 or later. For iCloud for Windows versions prior to 14.1, update to iCloud for Windows 14.1 or later. For iOS versions prior to 15.7.2 and 16.2, update to iOS 15.7.2 or iOS 16.2 or later. For iPadOS versions prior to 15.7.2 and 16.2, update to iPadOS 15.7.2 or iPadOS 16.2 or later. For macOS Ventura versions prior to 13.1, update to macOS Ventura 13.1 or later. For watchOS versions prior to 9.2, update to watchOS 9.2 or later.

**Name of the Vulnerable Software and Affected Versions** F-Secure SAFE Browser versions prior to 19.0 **Description** A Drag and Drop spoof vulnerability was discovered, allowing a spoofing of the address bar when a user performs a drag and drop operation on the address bar. **Recommendations** For versions prior to 19.0, update to a version above 19.0 to resolve the issue. As a temporary workaround, consider avoiding drag and drop operations on the address bar until a patch is available.

**Name of the Vulnerable Software and Affected Versions** F-Secure SAFE browser (affected versions not specified) **Description** A vulnerability was discovered that affects the F-Secure SAFE browser. It allows an attacker to potentially exploit the Javascript `window.open` functionality, which could lead to address bar spoofing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Brave versions prior to 1.34 **Description** The issue occurs when a Private Window with Tor Connectivity is used, causing .onion URLs to leak in Referer and Origin headers. Although this was fixed by Brave, the Brave documentation notes that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy and do not implement most of the privacy protections from Tor Browser. **Recommendations** For versions prior to 1.34, update to version 1.34 or later to resolve the issue. As a temporary workaround, consider avoiding the use of Private Windows with Tor Connectivity until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Safe Browser for Android (affected versions not specified) **Description** An Address bar spoofing issue was discovered. When a user clicks on a specially crafted malicious webpage/URL, the user may be tricked into thinking the content comes from a valid domain, while it actually comes from an attacker-controlled site. This deception lasts until the page loads. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** F-Secure SAFE browser (affected versions not specified) **Description** A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** F-Secure SAFE browser (affected versions not specified) **Description** A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. This issue allows for potential phishing attacks due to incorrect address bar display when navigation fails. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox for Android versions prior to 97 **Description** The issue is related to the handling of USSD codes in tel: links. When a user clicks on such a link, USSD codes specified after a `*` character are included in the phone number. This could potentially lead to actions being performed on a user's account, similar to a cross-site request forgery attack, on certain phones or with certain carriers. **Recommendations** For Firefox for Android versions prior to 97, update to version 97 or later to resolve the issue. As a temporary workaround, consider avoiding clicking on tel: links that may contain USSD codes specified after a `*` character until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 96 **Description** The issue is related to the mechanism of loading DLL libraries in the Firefox web browser for Windows. It is associated with the absence of quotes in writing elements or search paths. Exploitation of this issue could allow an attacker to cause a denial of service. If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However, the install directory is not world-writable by default. This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected. **Recommendations** For versions prior to 96, update to version 96 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory where Firefox is installed to prevent local privilege escalation. Avoid installing Firefox in a world-writable directory to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to a spoofing vulnerability in Microsoft Edge for the iOS operating system, which can be exploited by bypassing authentication. This can allow a remote attacker to conduct spoofing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Yandex Browser versions prior to 20.10.0 **Description** The issue is related to authentication bypass via spoofing, allowing a remote attacker to replace the value of the address bar. This can potentially lead to spoofing the address bar, tricking users into believing they are on a different website. **Recommendations** For versions prior to 20.10.0, update to version 20.10.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Yandex Browser for Android version 20.8.4 **Description** The issue is related to shortcomings in the data source confirmation mechanism, allowing remote attackers to bypass the Same-Origin Policy (SOP) and spoof the address bar. This can enable a remote attacker to fake the content of the address bar. **Recommendations** For Yandex Browser for Android version 20.8.4, update to a newer version to mitigate the risk of SOP bypass and address bar spoofing. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 92.0.4515.107 **Description** The issue is related to insufficient validation of untrusted input in the Sharing function of Google Chrome, allowing a remote attacker to bypass navigation restrictions via a crafted click-to-call link. This could potentially lead to a denial of service. **Recommendations** For versions prior to 92.0.4515.107, update to version 92.0.4515.107 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Sharing function until a patch is applied.

Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android (affected versions not specified) Description: The issue is related to a lack of protection for service data in Microsoft Edge for Android. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.