PT-2021-6936 · Mozilla+7 · Firefox Esr+9

Christian Holler

Published

2021-12-07

Updated

2023-08-08

CVE-2021-4129

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 95 Firefox ESR versions prior to 91.4.0 Thunderbird versions prior to 91.4.0

Description The issue is related to memory safety bugs, including evidence of memory corruption, which could potentially be exploited to run arbitrary code with sufficient effort. It is also described as a buffer overflow vulnerability in memory, allowing a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For Firefox versions prior to 95, update to version 95 or later. For Firefox ESR versions prior to 91.4.0, update to version 91.4.0 or later. For Thunderbird versions prior to 91.4.0, update to version 91.4.0 or later.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALT-PU-2021-3496

ALT-PU-2021-3510

ALT-PU-2021-3541

ALT-PU-2021-3576

ALT-PU-2021-3582

ALT-PU-2022-1783

ALT-PU-2022-2458

ALT-PU-2022-2929

ALT-PU-2023-1138

ALT-PU-2023-1139

ALT-PU-2023-4336

ALT-PU-2023-4339

BDU:2022-02700

CESA-2021_5013

CESA-2021_5014

CESA-2021_5045

CVE-2021-4129

DSA-5026-1

DSA-5034-1

MGASA-2021-0551

MGASA-2021-0554

RHSA-2021:5013

RHSA-2021:5014

RHSA-2021:5015

RHSA-2021:5016

RHSA-2021:5017

RHSA-2021:5045

RHSA-2021:5046

RHSA-2021:5047

RHSA-2021:5048

RHSA-2021:5055

RHSA-2021_5013

RHSA-2021_5014

RHSA-2021_5045

RHSA-2021_5046

RLSA-2021:5013

RLSA-2021:5045

USN-5246-1

USN-5248-1

Affected Products

Alt Linux

Astra Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Rocky Linux

Thunderbird

Ubuntu

PT-2021-6936 · Mozilla+7 · Firefox Esr+9

CVE-2021-4129

Weakness Enumeration

Related Identifiers

Affected Products

References · 98