Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1677046 | Issue Tracking Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-10/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-11/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-12/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2021-03-31T13:42:04
Updated: 2021-06-24T13:28:49
Reserved: 2021-01-13T00:00:00
Link: CVE-2021-23982
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-31T14:15:19.000
Modified: 2021-08-06T18:19:01.070
Link: CVE-2021-23982
JSON object: View
Redhat Information
No data.
CWE