Published: 24/06/2021 Updated: 30/06/2021

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox
mozilla firefox_esr
mozilla thunderbird

No description is available for this CVE ...

A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read This bug only affects Firefox on Windows Other operating systems are unaffected This vulnerability affects Firefox < 89 ...

Mozilla Foundation Security Advisory 2021-26 Security Vulnerabilities fixed in Thunderbird 7811 Announced June 3, 2021 Impact moderate Products Thunderbird Fixed in Thunderbird 7811 ...

Mozilla Foundation Security Advisory 2021-23 Security Vulnerabilities fixed in Firefox 89 Announced June 1, 2021 Impact high Products Firefox Fixed in Firefox 89 ...

Mozilla Foundation Security Advisory 2021-24 Security Vulnerabilities fixed in Firefox ESR 7811 Announced June 1, 2021 Impact moderate Products Firefox ESR Fixed in Firefox ESR 7811 ...

CWE-125 https://bugzilla.mozilla.org/show_bug.cgi?id=1706501 https://www.mozilla.org/security/advisories/mfsa2021-23/https://www.mozilla.org/security/advisories/mfsa2021-24/https://www.mozilla.org/security/advisories/mfsa2021-26/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2021-29964

CVE-2021-29964

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect