PT-2021-7580 · Mozilla+5 · Firefox Esr+6

Abraruddin Khan

Published

2020-08-16

Updated

2023-01-04

CVE-2021-4127

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Thunderbird versions prior to 78.9 Mozilla Firefox ESR versions prior to 78.9

Description The issue is related to an out-of-date graphics library, Angle, which may contain vulnerabilities. It is associated with insufficient input validation in the ANGLE library of Mozilla Firefox ESR and the Thunderbird email client. Exploitation of this issue could allow a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For Mozilla Thunderbird versions prior to 78.9, update to version 78.9 or later. For Mozilla Firefox ESR versions prior to 78.9, update to version 78.9 or later.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2020-2598

ALT-PU-2020-3442

ALT-PU-2021-1549

ALT-PU-2021-1562

ALT-PU-2021-1564

ALT-PU-2021-1804

ALT-PU-2021-1886

ALT-PU-2021-1892

ALT-PU-2021-3368

BDU:2023-00122

CESA-2021_0990

CESA-2021_0992

CESA-2021_0993

CESA-2021_0996

CVE-2021-4127

DSA-4874-1

DSA-4876-1

MGASA-2021-0163

MGASA-2021-0164

RHSA-2021:0989

RHSA-2021:0990

RHSA-2021:0991

RHSA-2021:0992

RHSA-2021:0993

RHSA-2021:0994

RHSA-2021:0995

RHSA-2021:0996

RHSA-2021_0990

RHSA-2021_0992

RHSA-2021_0993

RHSA-2021_0996

Affected Products

Alt Linux

Angle

Astra Linux

Centos

Firefox Esr

Thunderbird

Red Hat

PT-2021-7580 · Mozilla+5 · Firefox Esr+6

CVE-2021-4127

Weakness Enumeration

Related Identifiers

Affected Products

References · 37