PT-2021-5811 · Mozilla+10 · Firefox Esr+12

Peter Van Der Beken

Published

2021-12-31

Updated

2024-12-12

CVE-2021-4140

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox ESR versions prior to 91.5 Firefox versions prior to 96 Thunderbird versions prior to 91.5

Description The issue is related to bypassing an iframe sandbox in Firefox, Firefox ESR, and Thunderbird. It involves constructing specific XSLT markup to circumvent security restrictions when processing XSLT markup. This could allow a remote attacker to bypass the iframe sandbox and execute arbitrary JavaScript code in the context of an arbitrary window.

Recommendations For Firefox ESR versions prior to 91.5, update to version 91.5 or later. For Firefox versions prior to 96, update to version 96 or later. For Thunderbird versions prior to 91.5, update to version 91.5 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-91CWE-254

Related Identifiers

ALSA-2022:0129

ALSA-2022:0130

ALT-PU-2022-1022

ALT-PU-2022-1023

ALT-PU-2022-1053

ALT-PU-2022-1078

ALT-PU-2022-1090

ALT-PU-2022-1091

ALT-PU-2022-1097

ALT-PU-2022-1781

ALT-PU-2022-1783

ALT-PU-2022-2458

ALT-PU-2022-2929

ALT-PU-2022-2930

ALT-PU-2023-1138

ALT-PU-2023-1139

ALT-PU-2023-4336

ALT-PU-2023-4339

BDU:2022-00294

CESA-2022_0124

CESA-2022_0127

CESA-2022_0129

CESA-2022_0130

CVE-2021-4140

DLA-2880-1

DLA-2881-1

DSA-5044-1

DSA-5045-1

MGASA-2022-0013

MGASA-2022-0019

OESA-2023-1673

OESA-2023-1674

OPENSUSE-SU-2022:0136-1

OPENSUSE-SU-2022:0199-1

OPENSUSE-SU-2022_0136-1

OPENSUSE-SU-2022_0199-1

OPENSUSE-SU-2024:11732-1

OPENSUSE-SU-2024:11733-1

OPENSUSE-SU-2024:14572-1

RHSA-2022:0123

RHSA-2022:0124

RHSA-2022:0125

RHSA-2022:0126

RHSA-2022:0127

RHSA-2022:0128

RHSA-2022:0129

RHSA-2022:0130

RHSA-2022:0131

RHSA-2022:0132

RHSA-2022_0124

RHSA-2022_0127

RHSA-2022_0129

RHSA-2022_0130

RLSA-2022:0129

RLSA-2022:0130

SUSE-SU-2022:0115-1

SUSE-SU-2022:0136-1

SUSE-SU-2022:0137-1

SUSE-SU-2022:0199-1

SUSE-SU-2022:14880-1

SUSE-SU-2022_0115-1

SUSE-SU-2022_0136-1

SUSE-SU-2022_0137-1

SUSE-SU-2022_14880-1

USN-5229-1

USN-5246-1

USN-5248-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2021-5811 · Mozilla+10 · Firefox Esr+12

CVE-2021-4140

Weakness Enumeration

Related Identifiers

Affected Products

References · 2304