PT-2021-7341 · Mozilla+5 · Firefox Esr+6

Christian Holler

+2

·

Published

2021-09-07

·

Updated

2024-06-15

·

CVE-2021-38495

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 91.1 Firefox ESR versions prior to 91.1
Description The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker using a specially crafted web page, potentially allowing the execution of arbitrary code. There is evidence of memory corruption, and it is presumed that some of these bugs could have been exploited with enough effort.
Recommendations For Thunderbird versions prior to 91.1, update to version 91.1 or later. For Firefox ESR versions prior to 91.1, update to version 91.1 or later.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-787

Related Identifiers

ALT-PU-2021-2739
ALT-PU-2021-2762
ALT-PU-2021-2766
ALT-PU-2021-2807
ALT-PU-2021-2849
ALT-PU-2021-2881
ALT-PU-2021-3368
ALT-PU-2021-3369
ALT-PU-2021-3370
ALT-PU-2022-1781
ALT-PU-2022-1782
ALT-PU-2022-1783
BDU:2022-05740
CVE-2021-38495
OPENSUSE-SU-2021:1367-1
OPENSUSE-SU-2021:1635-1
OPENSUSE-SU-2021:3331-1
OPENSUSE-SU-2021:3451-1
OPENSUSE-SU-2021:4150-1
OPENSUSE-SU-2021_1367-1
OPENSUSE-SU-2021_1635-1
OPENSUSE-SU-2021_3331-1
OPENSUSE-SU-2021_3451-1
OPENSUSE-SU-2021_4150-1
OPENSUSE-SU-2024:10601-1
SUSE-SU-2021:14821-1
SUSE-SU-2021:14826-1
SUSE-SU-2021:3191-1
SUSE-SU-2021:3331-1
SUSE-SU-2021:3451-1
SUSE-SU-2021:4150-1
SUSE-SU-2021_14821-1
SUSE-SU-2021_14826-1
SUSE-SU-2022:1577-1
SUSE-SU-2022:1582-1
SUSE-SU-2022_1577-1
SUSE-SU-2022_1582-1
USN-5248-1

Affected Products

Alt Linux
Astra Linux
Firefox Esr
Linuxmint
Suse
Thunderbird
Ubuntu