Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

CPENameOperatorVersion
firefoxlt89.0
firefox_esrlt78.11
thunderbirdlt78.11

Name	Operator	Version
firefox	lt	89.0
firefox_esr	lt	78.11
thunderbird	lt	78.11

References

bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041

security.gentoo.org/glsa/202208-14

www.mozilla.org/security/advisories/mfsa2021-23/

www.mozilla.org/security/advisories/mfsa2021-24/

www.mozilla.org/security/advisories/mfsa2021-26/

debian 4

redhat 8

openvas 23

nessus 46

osv 9

nvd 1

ibm 2

redos 30

alpinelinux 1

almalinux 2

cvelist 1

cve 1

rocky 2

redhatcve 1

oraclelinux 4

centos 1

cnvd 1

ubuntucve 1

mageia 2

archlinux 2

debiancve 1

veracode 1

kaspersky 3

mozilla 3

suse 4

altlinux 2

amazon 1

ubuntu 3

gentoo 1

debian

[SECURITY] [DSA 4925-1] firefox-esr security update

2021-06-02 17:07:47

[SECURITY] [DLA 2673-1] firefox-esr security update

2021-06-03 09:36:14

[SECURITY] [DSA 4927-1] thunderbird security update

2021-06-04 22:43:27

redhat

(RHSA-2021:2208) Important: firefox security update

2021-06-02 12:51:46

(RHSA-2021:2206) Important: firefox security update

2021-06-02 12:40:49

(RHSA-2021:2214) Important: firefox security update

2021-06-02 17:39:22

openvas

Mozilla Firefox ESR Security Advisories (MFSA2021-23, MFSA2021-25) - Mac OS X

2021-07-08 00:00:00

Debian: Security Advisory (DSA-4925-1)

2021-06-03 00:00:00

CentOS: Security Advisory for firefox (CESA-2021:2206)

2021-06-15 00:00:00

nessus

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Vulnerability (NS-SA-2021-0112)

2021-10-27 00:00:00

Debian DLA-2673-1 : firefox-esr security update

2021-06-04 00:00:00

CentOS 8 : firefox (CESA-2021:2233)

2021-06-09 00:00:00

osv

firefox-esr - security update

2021-06-02 00:00:00

Important: firefox security update

2021-06-03 07:52:55

firefox-esr - security update

2021-06-03 00:00:00

nvd

CVE-2021-29967

2021-06-24 14:15:10

ibm

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoringhas applied security fixes for its use of Mozilla Firefox

2021-12-01 15:09:58

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.14.0 ESR + CVE-2021-29967) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF14

2021-09-28 16:45:14

redos

ROS-2-906

2021-09-08 00:00:00

ROS-2-602

2021-12-24 00:00:00

ROS-2-702

2021-09-08 00:00:00

alpinelinux

CVE-2021-29967

2021-06-24 14:15:10

almalinux

Important: firefox security update

2021-06-03 07:52:55

Important: thunderbird security update

2021-06-07 11:20:44

cvelist

CVE-2021-29967

2021-06-24 13:14:29

cve

CVE-2021-29967

2021-06-24 14:15:10

rocky

firefox security update

2021-06-03 07:52:55

thunderbird security update

2021-06-07 11:20:44

redhatcve

CVE-2021-29967

2021-06-02 01:52:24

oraclelinux

firefox security update

2021-06-03 00:00:00

firefox security update

2021-06-04 00:00:00

thunderbird security update

2021-06-08 00:00:00

centos

firefox security update

2021-06-14 18:29:34

cnvd

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2021-54700)

2021-06-07 00:00:00

ubuntucve

CVE-2021-29967

2021-06-02 00:00:00

mageia

Updated firefox packages fix a security vulnerability

2021-06-08 17:33:02

Updated thunderbird packages fix security vulnerabilities

2021-06-08 19:46:03

archlinux

[ASA-202106-22] thunderbird: arbitrary code execution

2021-06-09 00:00:00

[ASA-202106-3] firefox: multiple issues

2021-06-01 00:00:00

debiancve

CVE-2021-29967

2021-06-24 14:15:10

veracode

Arbitrary Code Execution

2021-06-03 13:56:54

kaspersky

KLA12196 Multiple vulnerabilities in Mozilla Thunderbird

2021-06-03 00:00:00

KLA12194 Multiple vulnerabilities in Mozilla Firefox ESR

2021-06-01 00:00:00

KLA12193 Multiple vulnerabilities in Mozilla Firefox

2021-06-01 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox ESR 78.11 — Mozilla

2021-06-01 00:00:00

Security Vulnerabilities fixed in Thunderbird 78.11 — Mozilla

2021-06-03 00:00:00

Security Vulnerabilities fixed in Firefox 89 — Mozilla

2021-06-01 00:00:00

suse

Security update for MozillaThunderbird (important)

2021-06-24 00:00:00

Security update for MozillaThunderbird (important)

2021-07-10 00:00:00

Security update for MozillaFirefox (important)

2021-06-09 00:00:00

altlinux

Security fix for the ALT Linux 10 package firefox-esr version 78.11.0-alt1

2021-06-01 00:00:00

Security fix for the ALT Linux 10 package thunderbird version 78.11.0-alt1

2021-06-03 00:00:00

amazon

Important: thunderbird

2021-07-01 01:07:00

ubuntu

Firefox vulnerabilities

2021-06-02 00:00:00

Thunderbird vulnerabilities

2021-06-25 00:00:00

Thunderbird vulnerabilities

2021-06-22 00:00:00

gentoo

Mozilla Thunderbird: Multiple Vulnerabilities

2022-08-10 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Related for PRION:CVE-2021-29967