Wednesday, April 21, 2021

MFSA2021-15 Firefox: Security Vulnerabilities fixed in Firefox ESR 78.10 (CVE-2021-24002)

Description
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.
Solution(s)
  • mozilla-firefox-esr-upgrade-78_10


  • References
  • https://attackerkb.com/topics/cve-2021-24002
  • CVE - 2021-24002
  • http://www.mozilla.org/security/announce/2021/mfsa2021-15.html




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated