PT-2021-2744 · Mozilla+7 · Firefox+9

Irvan Kurniawan

·

Published

2021-04-19

·

Updated

2024-12-12

·

CVE-2021-23995

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 88 Firefox ESR versions prior to 78.10 Thunderbird versions prior to 78.10
Description: The issue is related to the use of memory after it has been freed in the Responsive Design Mode of the affected software. This could potentially allow a remote attacker to execute arbitrary code.
Recommendations: For Firefox versions prior to 88, update to version 88 or later. For Firefox ESR versions prior to 78.10, update to version 78.10 or later. For Thunderbird versions prior to 78.10, update to version 78.10 or later.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-672

Related Identifiers

ALT-PU-2021-1676
ALT-PU-2021-1687
ALT-PU-2021-1701
ALT-PU-2021-1718
ALT-PU-2021-1804
ALT-PU-2021-1886
ALT-PU-2021-1892
ALT-PU-2021-2725
ALT-PU-2021-2881
ALT-PU-2021-3368
ALT-PU-2021-3369
ALT-PU-2022-1781
ALT-PU-2022-1782
BDU:2021-02280
CESA-2021_1353
CESA-2021_1360
CVE-2021-23995
DLA-2632-1
DLA-2633-1
DSA-4895-1
DSA-4897-1
MGASA-2021-0198
MGASA-2021-0199
OESA-2023-1673
OESA-2023-1674
OPENSUSE-SU-2021:0621-1
OPENSUSE-SU-2021:0644-1
OPENSUSE-SU-2021_0621-1
OPENSUSE-SU-2021_0644-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2021:1350
RHSA-2021:1351
RHSA-2021:1352
RHSA-2021:1353
RHSA-2021:1360
RHSA-2021:1361
RHSA-2021:1362
RHSA-2021:1363
RHSA-2021_1350
RHSA-2021_1353
RHSA-2021_1360
RHSA-2021_1363
SUSE-SU-2021:1307-1
SUSE-SU-2021:1325-1
SUSE-SU-2021:1432-1
SUSE-SU-2021:1433-1
SUSE-SU-2021:14708-1
SUSE-SU-2021_14708-1
USN-4926-1
USN-4995-1
USN-4995-2

Affected Products

Alt Linux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Suse
Thunderbird
Ubuntu