PT-2021-3798 · Mozilla+8 · Firefox Esr+10

Christoph Kerschbaumer

+3

·

Published

2021-08-10

·

Updated

2024-12-12

·

CVE-2021-29989

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 91 Firefox ESR versions prior to 78.13 Thunderbird versions prior to 78.13
Description The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code with sufficient effort. It is also associated with a boundary error when processing HTML content, allowing a remote attacker to execute arbitrary code and cause memory damage.
Recommendations For Firefox versions prior to 91, update to version 91 or later. For Firefox ESR versions prior to 78.13, update to version 78.13 or later. For Thunderbird versions prior to 78.13, update to version 78.13 or later.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALT-PU-2021-2479
ALT-PU-2021-2481
ALT-PU-2021-2488
ALT-PU-2021-2491
ALT-PU-2021-2501
ALT-PU-2021-2504
ALT-PU-2021-2527
ALT-PU-2021-2607
ALT-PU-2021-2624
ALT-PU-2021-2636
ALT-PU-2021-2718
ALT-PU-2021-2725
ALT-PU-2021-2849
ALT-PU-2021-2881
ALT-PU-2021-3368
ALT-PU-2021-3369
ALT-PU-2022-1781
ALT-PU-2022-1782
BDU:2021-04073
CESA-2021_3154
CESA-2021_3155
CESA-2021_3157
CESA-2021_3160
CVE-2021-29989
DLA-2740-1
DLA-2745-1
DSA-4956-1
DSA-4959-1
MGASA-2021-0403
MGASA-2021-0407
OESA-2023-1673
OESA-2023-1674
OPENSUSE-SU-2021:1184-1
OPENSUSE-SU-2021:1367-1
OPENSUSE-SU-2021:2774-1
OPENSUSE-SU-2021:2874-1
OPENSUSE-SU-2021:3331-1
OPENSUSE-SU-2021:3451-1
OPENSUSE-SU-2021_1184-1
OPENSUSE-SU-2021_1367-1
OPENSUSE-SU-2021_2774-1
OPENSUSE-SU-2021_2874-1
OPENSUSE-SU-2021_3331-1
OPENSUSE-SU-2021_3451-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2021:3154
RHSA-2021:3155
RHSA-2021:3156
RHSA-2021:3157
RHSA-2021:3159
RHSA-2021:3160
RHSA-2021:3161
RHSA-2021:3162
RHSA-2021_3154
RHSA-2021_3155
RHSA-2021_3157
RHSA-2021_3160
RLSA-2021:3155
RLSA-2021:3157
SUSE-SU-2021:14782-1
SUSE-SU-2021:14821-1
SUSE-SU-2021:14826-1
SUSE-SU-2021:2691-1
SUSE-SU-2021:2694-1
SUSE-SU-2021:2774-1
SUSE-SU-2021:2874-1
SUSE-SU-2021:3191-1
SUSE-SU-2021:3331-1
SUSE-SU-2021:3451-1
SUSE-SU-2021_14782-1
SUSE-SU-2021_14821-1
SUSE-SU-2021_14826-1
SUSE-SU-2022:1577-1
SUSE-SU-2022:1582-1
SUSE-SU-2022_1577-1
SUSE-SU-2022_1582-1
USN-5037-1
USN-5037-2
USN-5058-1

Affected Products

Alt Linux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu