exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2021-23969

Status Candidate

Overview

As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

Related Files

Ubuntu Security Notice USN-4936-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4936-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-29950
SHA-256 | 501454502ae69c1679ba468249f8ff39358baa3bba0fcb8166555d3966722930
Gentoo Linux Security Advisory 202104-10
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 88.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23970, CVE-2021-23971, CVE-2021-23972, CVE-2021-23973, CVE-2021-23974, CVE-2021-23975, CVE-2021-23976, CVE-2021-23977, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23984, CVE-2021-23985, CVE-2021-23986, CVE-2021-23987, CVE-2021-23988, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945
SHA-256 | 5ca81f664f4e17349799dff5ec0303eacf0a8ec7882e1cb1d495ace0532dfaaa
Gentoo Linux Security Advisory 202104-09
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-9 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.10.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2021-23961, CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978, CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948
SHA-256 | 14468afd1abbcf533ea6611cd505e671361f822b331808ff4f16194ccb84f300
Debian Security Advisory 4862-1
Posted Feb 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4862-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.

tags | advisory, web, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 58e9f63ccd4b647aef2aec8484c3dda953d32a4ae7a76fe75ce16305e18aac17
Debian Security Advisory 4866-1
Posted Feb 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4866-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 6799803f6b184aa6dd8507e9afb88c97a9fb03cbd4498085740a1123c157048a
Red Hat Security Advisory 2021-0661-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0661-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 50249996a918e0a8b67786cc5650040baf73dcccebf1a227ffc9252490ef1bdc
Red Hat Security Advisory 2021-0659-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0659-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 4f8a4f4e4706f83526d9856621f47c878dbc622ae32883c4c3d231f25a7bcf16
Red Hat Security Advisory 2021-0662-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0662-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 0a8539dd3a37778a73bf1a89b9d59db8ccfb12e8511162844f05283397d59412
Red Hat Security Advisory 2021-0658-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0658-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 73a2c9174c20dc0e569929381870c75bdf573392ed64d37de59e3ab6498949fe
Red Hat Security Advisory 2021-0656-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0656-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 9db7074777b38e64083eec1c8c0a069948ee777e169a8f90f479140c47b94143
Red Hat Security Advisory 2021-0660-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0660-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | 9b507f66964ea88d30e11718b3e525463fec8e2ff5841ccad7830c369aad733b
Red Hat Security Advisory 2021-0655-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0655-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | faedb83733f505cf6130e1ee109bc6303d8527b3c3a83f8a69803417a99ea5ad
Red Hat Security Advisory 2021-0657-01
Posted Feb 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0657-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978
SHA-256 | b5448f767840a8b119e50ecc50ab5aee00ebaf6a81e6a47af7492b7b88a697a4
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close