CERT-In warned Mozilla Firefox users about multiple reported vulnerabilities in Mozilla products and recommended users to upgrade to Mozilla Firefox Thunderbird versions 91.13 and 102.2, Firefox ESR versions 91.13 and 102.2, etc.
Indian Computer Emergency The Response Team (CERT-In) has alerted Mozilla Firefox users to multiple reported vulnerabilities in Mozilla products. According to information provided by CERT-In, reported vulnerabilities in Mozilla products could allow remote attackers to bypass security restrictions, execute arbitrary code, and cause attacks. denial of service to the targeted system. “Many reported vulnerabilities in Mozilla products could allow remote attackers to bypass security restrictions, execute arbitrary code, and trigger a denial-of-service attack,” the organization said. service to the targeted system”.
The agency further informed that these vulnerabilities exist in Mozilla Firefox due to abuse of XSLT error handling, cross-origin iframe referencing XSLT document, data race in function PK11_ChangePW results in use-after failure and is memory-safe bug in browser tools. A remote attacker can exploit these vulnerabilities by convincing a victim to open a specially crafted web request.
“Successful exploitation of these vulnerabilities could allow remote attackers to bypass security restrictions, execute arbitrary code, and cause denial of service attacks on systems,” it said. targeted.
As a solution, CERT-In also said it would upgrade to Mozilla Firefox Thunderbird versions 91.13 and 102.2, Firefox ESR versions 91.13 and 102.2 and Mozilla Firefox version 104.
It may be known that CERT-In belongs to the Ministry of IT. According to one report via IANSCERT-In also found a vulnerability in the Drupal open source platform that could allow an attacker to bypass security restrictions on a targeted system.
Last week, the cyber agency warned users about multiple vulnerabilities in Google Chrome for desktop that could allow attackers to gain access to their computers.
