AVG-1492 log

Package firefox
Status Fixed
Severity High
Type multiple issues
Affected 84.0.2-1
Fixed 85.0-1
Current 133.0.3-2 [extra]
Ticket None
Created Tue Jan 26 14:13:53 2021
Issue Severity Remote Type Description
CVE-2021-23965 High Yes Arbitrary code execution
A security issue was found in Firefox before version 85.0. Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed...
CVE-2021-23964 High Yes Arbitrary code execution
A security issue was found in Firefox before version 85.0 and Thunderbird before version 78.7. Mozilla developers reported memory safety bugs present in...
CVE-2021-23963 Low Yes Incorrect calculation
A security issue was found in Firefox before version 85.0. When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC...
CVE-2021-23962 Low Yes Arbitrary code execution
A security issue was found in Firefox before version 85.0. Incorrect use of the RowCountChanged method could have led to a use-after-poison and a...
CVE-2021-23961 Medium Yes Information disclosure
A security issue was found in Firefox before version 85.0. Further techniques that built on the slipstream research combined with a malicious webpage could...
CVE-2021-23960 Medium Yes Arbitrary code execution
A security issue was found in Firefox before version 85.0 and Thunderbird before version 78.7. Performing garbage collection on re- declared JavaScript...
CVE-2021-23958 Medium Yes Information disclosure
A security issue was found in Firefox before version 85.0. The browser could have been confused into transferring a screen sharing state into another tab,...
CVE-2021-23956 Medium Yes Information disclosure
A security issue was found in Firefox before version 85.0. An ambiguous file picker design could have confused users who intended to select and upload a...
CVE-2021-23955 High Yes Incorrect calculation
A security issue was found in Firefox before version 85.0. The browser could have been confused into transferring a pointer lock state into another tab,...
CVE-2021-23954 High Yes Arbitrary code execution
A security issue was found in Firefox before version 85.0 and Thunderbird before version 78.7. Using the new logical assignment operators in a JavaScript...
CVE-2021-23953 High Yes Information disclosure
A security issue was found in Firefox before version 85.0 and Thunderbird before version 78.7. If a user clicked into a specifically crafted PDF, the PDF...
Date Advisory Package Type
01 Feb 2021 ASA-202102-1 firefox multiple issues