Test ID:	1.3.6.1.4.1.25623.1.0.817940
Category:	General
Title:	Mozilla Firefox Security Advisories (MFSA2021-07, MFSA2021-09) - Windows
Summary:	Mozilla Firefox is prone to multiple vulnerabilities.
Description:	Summary: Mozilla Firefox is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Content Security Policy violation report could have contained the destination of a redirect. - Multithreaded WASM triggered assertions validating separation of script domains. - noscript elements could have led to an HTML Sanitizer bypass. - A website's Referrer-Policy could have been be overridden, potentially resulting in the full URL being sent as a Referrer. - HTTP Auth phishing warning was omitted when a redirect is cached. - 'about:memory' Measure function caused an incorrect pointer operation. - MediaError message property could have leaked information about cross-origin resources. - Memory safety bugs. Vulnerability Impact: Successful exploitation will allow attackers to run arbitrary code, cause denial of service, bypass security restrictions and disclose sensitive information. Affected Software/OS: Mozilla Firefox version before 86 on Windows. Solution: Update to Mozilla Firefox version 86 or later. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-23969 Debian Security Information: DSA-4866 (Google Search) https://www.debian.org/security/2021/dsa-4866 https://security.gentoo.org/glsa/202104-09 https://security.gentoo.org/glsa/202104-10 https://bugzilla.mozilla.org/show_bug.cgi?id=1542194 https://www.mozilla.org/security/advisories/mfsa2021-07/ https://www.mozilla.org/security/advisories/mfsa2021-08/ https://www.mozilla.org/security/advisories/mfsa2021-09/ https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2021-23970 https://bugzilla.mozilla.org/show_bug.cgi?id=1681724 Common Vulnerability Exposure (CVE) ID: CVE-2021-23968 https://bugzilla.mozilla.org/show_bug.cgi?id=1687342 Common Vulnerability Exposure (CVE) ID: CVE-2021-23974 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1528997%2C1683627 Common Vulnerability Exposure (CVE) ID: CVE-2021-23971 https://bugzilla.mozilla.org/show_bug.cgi?id=1678545 Common Vulnerability Exposure (CVE) ID: CVE-2021-23978 https://bugzilla.mozilla.org/buglist.cgi?bug_id=786797%2C1682928%2C1687391%2C1687597 Common Vulnerability Exposure (CVE) ID: CVE-2021-23979 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663222%2C1666607%2C1672120%2C1678463%2C1678927%2C1679560%2C1681297%2C1681684%2C1683490%2C1684377%2C1684902 Common Vulnerability Exposure (CVE) ID: CVE-2021-23973 https://bugzilla.mozilla.org/show_bug.cgi?id=1690976 Common Vulnerability Exposure (CVE) ID: CVE-2021-23972 https://bugzilla.mozilla.org/show_bug.cgi?id=1683536 Common Vulnerability Exposure (CVE) ID: CVE-2021-23975 https://bugzilla.mozilla.org/show_bug.cgi?id=1685145
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.