A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

This plugin has been deprecated as it does not adhere to established standards for this style of check.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2003-1 advisory.

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0910-1 advisory.

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2003-1 advisory.

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES11 / SLES_SAP11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14743-1 advisory.

  - The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network,     grants normal remote users access to start or stop the service. This could be used to prevent the browser     update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface     in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10     build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1,     Firefox < 87, and Firefox ESR < 78.10.1. (CVE-2021-29951)

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1919-1 advisory.

  - The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network,     grants normal remote users access to start or stop the service. This could be used to prevent the browser     update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface     in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10     build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1,     Firefox < 87, and Firefox ESR < 78.10.1. (CVE-2021-29951)

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

This update for MozillaFirefox fixes the following issues :

Firefox Extended Support Release 78.11.0 ESR (bsc#1186696)

  - CVE-2021-29964: Out of bounds-read when parsing a     `WM_COPYDATA` message

  - CVE-2021-29967: Memory safety bugs fixed in Firefox

This update was imported from the SUSE:SLE-15-SP2:Update update project.

The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1886-1 advisory.

  - The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network,     grants normal remote users access to start or stop the service. This could be used to prevent the browser     update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface     in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10     build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1,     Firefox < 87, and Firefox ESR < 78.10.1. (CVE-2021-29951)

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1884-1 advisory.

  - The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network,     grants normal remote users access to start or stop the service. This could be used to prevent the browser     update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface     in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10     build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1,     Firefox < 87, and Firefox ESR < 78.10.1. (CVE-2021-29951)

  - A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating     systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR <     78.11. (CVE-2021-29964)

  - Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these     bugs showed evidence of memory corruption and we presume that with enough effort some of these could have     been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and     Firefox ESR < 78.11. (CVE-2021-29967)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-26 advisory.

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Thunderbird would processing     incorrectly, leading to an out-of-bounds read. This bug only affects Thunderbird on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory     safety bugs present in Thunderbird 78.11. Some of these bugs showed evidence of memory corruption and we     presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Thunderbird installed on the remote Windows host is prior to 78.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-26 advisory.

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Thunderbird would processing     incorrectly, leading to an out-of-bounds read. This bug only affects Thunderbird on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory     safety bugs present in Thunderbird 78.11. Some of these bugs showed evidence of memory corruption and we     presume that with enough effort some of these could have been exploited to run arbitrary code.
    (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote Windows host is prior to 78.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-24 advisory.

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Firefox would processing     incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory     safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory     corruption and we presume that with enough effort some of these could have been exploited to run arbitrary     code. (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-24 advisory.

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Firefox would processing     incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory     safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory     corruption and we presume that with enough effort some of these could have been exploited to run arbitrary     code. (CVE-2021-29967)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 89.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-23 advisory.

  - A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in     password manager to suggest passwords for the currently active website instead of the website that     triggered the dialog. This bug only affects Firefox for Android. Other operating systems are     unaffected. (CVE-2021-29965)

  - Firefox used to cache the last filename used for printing a file. When generating a filename for printing,     Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead     to the title of a website visited during private browsing mode being stored on disk. (CVE-2021-29960)

  - When styling and rendering an oversized `` element, Firefox did not apply correct clipping which     allowed an attacker to paint over the user interface. (CVE-2021-29961)

  - Address bar search suggestions in private browsing mode were re-using session data from normal mode.
    This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2021-29963)

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - When a user has already allowed a website to access microphone and camera, disabling camera sharing would     not fully prevent the website from re-enabling it without an additional prompt. This was only possible if     the website kept recording with the microphone until re-enabling the camera. (CVE-2021-29959)

  - Firefox for Android would become unstable and hard-to-recover when a website opened too many popups.
    This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2021-29962)

  - Mozilla developers Christian Holler, Anny Gakhokidze, Alexandru Michis, Gabriele Svelto reported memory     safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory     corruption and we presume that with enough effort some of these could have been exploited to run arbitrary     code. (CVE-2021-29967)

  - Mozilla developers Christian Holler, Tooru Fujisawa, Tyson Smith reported memory safety bugs present in     Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort     some of these could have been exploited to run arbitrary code. (CVE-2021-29966)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote Windows host is prior to 89.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-23 advisory.

  - A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in     password manager to suggest passwords for the currently active website instead of the website that     triggered the dialog. This bug only affects Firefox for Android. Other operating systems are     unaffected. (CVE-2021-29965)

  - Firefox used to cache the last filename used for printing a file. When generating a filename for printing,     Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead     to the title of a website visited during private browsing mode being stored on disk. (CVE-2021-29960)

  - When styling and rendering an oversized `` element, Firefox did not apply correct clipping which     allowed an attacker to paint over the user interface. (CVE-2021-29961)

  - Address bar search suggestions in private browsing mode were re-using session data from normal mode.
    This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2021-29963)

  - A locally-installed hostile program could send `WMCOPYDATA` messages that Firefox would process     incorrectly, leading to an out-of-bounds read. This bug only affects Firefox on Windows. Other     operating systems are unaffected. (CVE-2021-29964)

  - When a user has already allowed a website to access microphone and camera, disabling camera sharing would     not fully prevent the website from re-enabling it without an additional prompt. This was only possible if     the website kept recording with the microphone until re-enabling the camera. (CVE-2021-29959)

  - Firefox for Android would become unstable and hard-to-recover when a website opened too many popups.
    This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2021-29962)

  - Mozilla developers Christian Holler, Anny Gakhokidze, Alexandru Michis, Gabriele Svelto reported memory     safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory     corruption and we presume that with enough effort some of these could have been exploited to run arbitrary     code. (CVE-2021-29967)

  - Mozilla developers Christian Holler, Tooru Fujisawa, Tyson Smith reported memory safety bugs present in     Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort     some of these could have been exploited to run arbitrary code. (CVE-2021-29966)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
196863	RHEL 6 : mozilla (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	critical
151686	openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:2003-1)	Nessus	SuSE Local Security Checks	high
151069	openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:0910-1)	Nessus	SuSE Local Security Checks	high
150871	SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2021:2003-1)	Nessus	SuSE Local Security Checks	high
150587	SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14743-1)	Nessus	SuSE Local Security Checks	high
150456	SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1919-1)	Nessus	SuSE Local Security Checks	high
150455	openSUSE Security Update : MozillaFirefox (openSUSE-2021-858)	Nessus	SuSE Local Security Checks	high
150404	SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2021:1886-1)	Nessus	SuSE Local Security Checks	high
150397	SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1884-1)	Nessus	SuSE Local Security Checks	high
150158	Mozilla Thunderbird < 78.11	Nessus	MacOS X Local Security Checks	high
150157	Mozilla Thunderbird < 78.11	Nessus	Windows	high
150122	Mozilla Firefox ESR < 78.11	Nessus	Windows	high
150121	Mozilla Firefox ESR < 78.11	Nessus	MacOS X Local Security Checks	high
150120	Mozilla Firefox < 89.0	Nessus	MacOS X Local Security Checks	high
150119	Mozilla Firefox < 89.0	Nessus	Windows	high

Detections

Analytics

CVE-2021-29964

high

Tenable Plugins

critical

high

high

high

high

high

high

high

high

high

high

high

high

high

high