Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-29946

Опубликовано: 24 июн. 2021
Источник: debian

Описание

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed88.0-1package
firefox-esrfixed78.10.0esr-1package
thunderbirdfixed1:78.10.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/#CVE-2021-29946

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/#CVE-2021-29946

  • https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/#CVE-2021-29946

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 4 лет назад

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 8.8
redhat
больше 4 лет назад

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 8.8
nvd
около 4 лет назад

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

github
около 3 лет назад

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CVSS3: 3.1
fstec
больше 4 лет назад

Уязвимость почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю обойти ограничения безопасности