---

CVE-2021-38492 - log back

CVE-2021-38492 created at 09 Sep 2021 11:57:46
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary command execution
Description	+ When delegating navigations to the operating system, Firefox before version 91.1 and Thunderbird before version 78.14 would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. + + This bug only affects Firefox for Windows. Other operating systems are unaffected.
References	+ https://www.mozilla.org/security/advisories/mfsa2021-38/ + https://www.mozilla.org/security/advisories/mfsa2021-41/ + https://www.mozilla.org/security/advisories/mfsa2021-42/ + https://bugzilla.mozilla.org/show_bug.cgi?id=1721107
Notes

CVE-2021-38492 deleted at 08 Sep 2021 09:19:02
Severity	- Unknown
Remote	- Unknown
Type	- Unknown
Description
References
Notes

CVE-2021-38492 created at 08 Sep 2021 09:18:31