 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.844914 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-4926-1) |
| Summary: | The remote host is missing an update for the 'firefox' package(s) announced via the USN-4926-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'firefox' package(s) announced via the USN-4926-1 advisory. Vulnerability Insight: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. (CVE-2021-23994, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946, CVE-2021-29947) A use-after-free was discovered when Responsive Design Mode was enabled. If a user were tricked into opening a specially crafted website with Responsive Design Mode enabled, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2021-23995) It was discovered that Firefox mishandled ftp URLs with encoded newline characters. If a user were tricked into clicking on a specially crafted link, an attacker could potentially exploit this to send arbitrary FTP commands. (CVE-2021-24002) Affected Software/OS: 'firefox' package(s) on Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-23994 https://bugzilla.mozilla.org/show_bug.cgi?id=1699077 https://www.mozilla.org/security/advisories/mfsa2021-14/ https://www.mozilla.org/security/advisories/mfsa2021-15/ https://www.mozilla.org/security/advisories/mfsa2021-16/ Common Vulnerability Exposure (CVE) ID: CVE-2021-23995 https://bugzilla.mozilla.org/show_bug.cgi?id=1699835 Common Vulnerability Exposure (CVE) ID: CVE-2021-23996 https://bugzilla.mozilla.org/show_bug.cgi?id=1701834 Common Vulnerability Exposure (CVE) ID: CVE-2021-23997 https://bugzilla.mozilla.org/show_bug.cgi?id=1701942 Common Vulnerability Exposure (CVE) ID: CVE-2021-23998 https://bugzilla.mozilla.org/show_bug.cgi?id=1667456 Common Vulnerability Exposure (CVE) ID: CVE-2021-23999 https://bugzilla.mozilla.org/show_bug.cgi?id=1691153 Common Vulnerability Exposure (CVE) ID: CVE-2021-24000 https://bugzilla.mozilla.org/show_bug.cgi?id=1694698 Common Vulnerability Exposure (CVE) ID: CVE-2021-24001 https://bugzilla.mozilla.org/show_bug.cgi?id=1694727 Common Vulnerability Exposure (CVE) ID: CVE-2021-24002 https://bugzilla.mozilla.org/show_bug.cgi?id=1702374 Common Vulnerability Exposure (CVE) ID: CVE-2021-29945 https://bugzilla.mozilla.org/show_bug.cgi?id=1700690 Common Vulnerability Exposure (CVE) ID: CVE-2021-29946 https://bugzilla.mozilla.org/show_bug.cgi?id=1698503 Common Vulnerability Exposure (CVE) ID: CVE-2021-29947 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1651449%2C1674142%2C1693476%2C1696886%2C1700091 |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |