CVE: CVE-2021-29964

Descrizione: A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

Vettore di attacco

Riferimenti esterni

• https://www.mozilla.org/security/advisories/mfsa2021-26/
• https://www.mozilla.org/security/advisories/mfsa2021-24/
• https://www.mozilla.org/security/advisories/mfsa2021-23/
• https://bugzilla.mozilla.org/show_bug.cgi?id=1706501

Prodotti interessati

• Mozilla – Thunderbird
• Mozilla – Firefox
• Mozilla – Firefox ESR

Relazioni con altri prodotti

Produttore:Mozilla
Prodotto: Firefox
Anno: 2021
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Thunderbird
Anno: 2021
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Firefox ESR
Anno: 2021
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2021)