Components Affected
Overview
Multiple vulnerabilities have been reported in Mozilla products which could allow a remote attacker to perform data manipulation, Elevation of privilege, Denial of service, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Description
These vulnerabilities exist in Mozilla products due to Out-of-bound memory access in WebGL2 blit Frame buffer ,Use-after-free in Message Port:Entangled and Readable Byte Stream Queue Entry::Buffer, Clickjacking permission prompts using the fullscreen transition, the potential for copying contents into X11 primary selection through the Selection API, Incorrect parsing of relative URLs starting with “///”, Mixed-content resources not blocked in a javascript: pop-up, Clickjacking enabling the loading of insecure pages in HTTPS-only mode and Memory safety bugs. Furthermore there’s a potential Privilege Escalation through
Impact
Solution/ Workarounds
Apply appropriate fixes issued by the vendor:
Reference
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.