Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

CPENameOperatorVersion
debian_linuxeq9.0
debian_linuxeq10.0
debian_linuxeq11.0
firefoxlt94.0
firefox_esrlt91.3.0
thunderbirdlt91.3.0

Name	Operator	Version
debian_linux	eq	9.0
debian_linux	eq	10.0
debian_linux	eq	11.0
firefox	lt	94.0
firefox_esr	lt	91.3.0
thunderbird	lt	91.3.0

References

bugzilla.mozilla.org/show_bug.cgi?id=1730750

lists.debian.org/debian-lts-announce/2021/12/msg00030.html

lists.debian.org/debian-lts-announce/2022/01/msg00001.html

security.gentoo.org/glsa/202202-03

security.gentoo.org/glsa/202208-14

www.debian.org/security/2021/dsa-5026

www.debian.org/security/2022/dsa-5034

www.mozilla.org/security/advisories/mfsa2021-48/

www.mozilla.org/security/advisories/mfsa2021-49/

www.mozilla.org/security/advisories/mfsa2021-50/

veracode 1

alpinelinux 1

redhatcve 1

ubuntucve 1

cvelist 1

cnvd 1

debiancve 1

cve 1

nvd 1

openvas 24

malwarebytes 1

ubuntu 3

nessus 43

osv 10

archlinux 2

oraclelinux 4

almalinux 2

centos 2

altlinux 2

redhat 8

mageia 2

rocky 2

suse 3

kaspersky 3

mozilla 3

debian 4

gentoo 2

ibm 2

veracode

Spoofing Attack

2021-11-05 03:36:35

alpinelinux

CVE-2021-38506

2021-12-08 22:15:08

redhatcve

CVE-2021-38506

2021-11-03 01:09:49

ubuntucve

CVE-2021-38506

2021-11-03 00:00:00

cvelist

CVE-2021-38506

2021-12-08 21:21:47

cnvd

Mozilla Firefox has an unspecified vulnerability (CNVD-2021-101168)

2021-11-04 00:00:00

debiancve

CVE-2021-38506

2021-12-08 22:15:08

cve

CVE-2021-38506

2021-12-08 22:15:08

nvd

CVE-2021-38506

2021-12-08 22:15:08

openvas

Ubuntu: Security Advisory (USN-5152-1)

2022-01-28 00:00:00

CentOS: Security Advisory for thunderbird (CESA-2021:4134)

2021-11-18 00:00:00

Mozilla Firefox Security Advisory (MFSA2021-48) - Linux

2021-11-08 00:00:00

malwarebytes

Update now! Mozilla fixes security vulnerabilities in Firefox 94

2021-11-03 14:23:29

ubuntu

Thunderbird vulnerabilities

2021-11-18 00:00:00

Firefox vulnerabilities

2021-11-03 00:00:00

Thunderbird vulnerabilities

2022-01-21 00:00:00

nessus

Ubuntu 21.10 : Thunderbird vulnerabilities (USN-5152-1)

2021-11-19 00:00:00

Oracle Linux 7 : firefox (ELSA-2021-4116)

2021-11-04 00:00:00

CentOS 7 : thunderbird (CESA-2021:4134)

2021-11-17 00:00:00

osv

Important: thunderbird security update

2021-11-04 16:03:41

Important: firefox security update

2021-11-03 19:23:08

firefox vulnerabilities

2021-11-03 20:09:06

archlinux

[ASA-202111-2] firefox: multiple issues

2021-11-05 00:00:00

[ASA-202111-3] thunderbird: multiple issues

2021-11-05 00:00:00

oraclelinux

firefox security update

2021-11-04 00:00:00

thunderbird security update

2021-11-05 00:00:00

thunderbird security update

2021-11-05 00:00:00

almalinux

Important: thunderbird security update

2021-11-04 16:03:41

Important: firefox security update

2021-11-03 19:23:08

centos

firefox security update

2021-11-17 15:24:37

thunderbird security update

2021-11-17 15:26:59

altlinux

Security fix for the ALT Linux 10 package thunderbird version 91.3.0-alt1

2021-11-10 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 91.3.0-alt1

2021-11-09 00:00:00

redhat

(RHSA-2021:4605) Important: firefox security update

2021-11-10 09:00:44

(RHSA-2021:4607) Important: firefox security update

2021-11-10 09:03:16

(RHSA-2021:4123) Important: firefox security update

2021-11-03 19:23:08

mageia

Updated firefox packages fix security vulnerability

2021-11-11 01:53:34

Updated thunderbird packages fix security vulnerabilities

2021-11-11 01:53:34

rocky

firefox security update

2021-11-03 19:23:08

thunderbird security update

2021-11-04 16:03:41

suse

Security update for MozillaFirefox (important)

2021-11-19 00:00:00

Security update for MozillaThunderbird (important)

2021-12-29 00:00:00

Security update for MozillaThunderbird (important)

2021-12-22 00:00:00

kaspersky

KLA12336 Multiple vulnerabilities in Mozilla Firefox ESR

2021-11-02 00:00:00

KLA12352 Multiple vulnerabilities in Mozilla Thunderbird

2021-11-03 00:00:00

KLA12335 Multiple vulnerabilities in Mozilla Firefox

2021-11-02 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox ESR 91.3 — Mozilla

2021-11-02 00:00:00

Security Vulnerabilities fixed in Thunderbird 91.3 — Mozilla

2021-11-03 00:00:00

Security Vulnerabilities fixed in Firefox 94 — Mozilla

2021-11-02 00:00:00

debian

[SECURITY] [DLA 2863-1] firefox-esr security update

2021-12-29 14:08:44

[SECURITY] [DSA 5026-1] firefox-esr security update

2021-12-19 15:23:09

[SECURITY] [DLA 2874-1] thunderbird security update

2022-01-04 10:10:10

gentoo

Mozilla Firefox: Multiple vulnerabilities

2022-02-21 00:00:00

Mozilla Thunderbird: Multiple Vulnerabilities

2022-08-10 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 91.8.0ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16 - 2022.4.0

2022-04-29 04:43:11

Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring.

2023-01-31 14:47:39

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.2%

JSON

Related for PRION:CVE-2021-38506