Monday, November 8, 2021

Ubuntu: USN-5131-1 (CVE-2021-38504): Firefox vulnerabilities

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-5131-1:Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. (CVE-2021-38503,CVE-2021-38504, CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509)It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens.
  • ubuntu-upgrade-firefox

  • References
  • USN-5131-1
  • CVE-2021-38504


    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore