Computer Emergency Response Team (CERT-In), the cyber security watchdog under the Ministry of Electronics and Information Technology (MeitY), has issued a high severity warning for Mozilla Firefox and Mozilla Thunderbird. The alert states that multiple vulnerabilities have been found on Mozilla products that could be used by an attacker in order to executed an arbitrary code on the user’s system.
As per CERT-In, the vulnerabilities affect Mozilla Firefox versions prior to Firefox 131, Firefox ESR version 128.3 and 115,16 and Firefox Thunderbird versions perior to 128.3 and 131.
Revealing the behind the vulnerabilities, CERT-In noted, “These vulnerabilities exist in Mozilla Firefox due to Prevention of users from exiting full-screen mode in Firefox Focus for Android; Bypass of site isolation by Compromised content process; Cross-origin access to PDF and JSON contents through multipart responses; Obscuring of download type through Specially crafted filename; Potential memory corruption through cloning certain objects; Potential directory upload bypass via clickjacking; Enumeration of External protocol handlers via popups; Denial of service through Specially crafted WebTransport request; Potential memory corruption during JIT compilation and Memory safety bugs”
Concerningly, the agency noted that these vulnerabilities could be exploited by a remote attacker to convince a victim to open a specially crafted web request.
Mozilla accepts vulnerabilities with Firefox:
Meanwhile, Mozilla also rolled out an emergency update to fix its zero day vulnerability with the Firefox 131.0.2 update. In a security advisory report on its website, Mozilla said that the vulnerability was related to use after free CSS animations which could be used by a cybercriminal to execute malicious code on the user’s system.
Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.
3.6 Crore Indians visited in a single day choosing us as India’s undisputed platform for General Election Results. Explore the latest updates here!
Dive into the Amazon Great Indian Festival Sale 2024!
Unbelievable deals on laptops, washing machines, refrigerators, kitchen appliances, gadgets, automotives, luggage and more in amazon sale. Celebrate Diwali 2024 with Amazon’s biggest sale of the year.
More
Less
Published: 11 Oct 2024, 10:01 AM IST
