CERT-In identifies vulnerabilities in Google Chrome, Mozilla Firefox products
The Indian government has on Thursday identified vulnerabilities in Google Chrome and Mozilla Firefox products. According to the Centre's Indian Computer Emergency Response Team (CERT-In), Chrome versions prior to 96.0.4664.209 are affected by vulnerabilities that could be exploited by hackers.
Due to vulnerabilities in Firefox, attackers can disclose sensitive information and bypass security restrictions
The government in its statement said, "Multiple vulnerabilities have been reported in Google Chrome OS which could be exploited by an attacker to execute arbitrary code on the targeted system".
The CERT-In said that the vulnerabilities exist due to 'heap buffer overflow in V8 internationalization; use after free in the share sheet, performance manager, performance APIs, vulnerability reported in dev-libs; insufficient validation of untrusted input in data transfer and out of bounds memory access in UI shelf".
It added that successful exploitation of vulnerabilities could allow attackers to execute arbitrary code on the targeted system.
These vulnerabilities in Mozilla products can affect software such as Mozilla Firefox IOS version prior to 101; Mozilla Firefox Thunderbird version prior to 91.107; Mozilla Firefox ESR version prior to 91.10, and Mozilla Firefox version prior to 101.
"These vulnerabilities exist in Mozilla Firefox due to SQL Injection in the history tab, Cross-Origin resources length leaked, H overflow in WebGL, Browser window spoofing using full-screen mode...," the CERT-In added.
As a solution, the CERT-In has advised Firefox users to upgrade it to OS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10 and Mozilla Firefox 101.
AuthBridge launches iBRIDGE 2.0 AI-powered verification solution
Authentication technology company, AuthBridge has announced a new and improved version of...
Conga launches Innovation and R&D Lab in India
Revenue Lifecycle Management solutions company, Conga has announced the opening of the new...
SCADA/OT Security Acceleration Program launched by National Cyber CoE, C-DAC and Infopercept
Data Security Council of India’s National CoE program in collaboration with C-DAC (C...
Fortinet addresses top cybersecurity challenges at its LEAP 2022 Security Summit
Fortinet has recently hosted top customers from India & SAARC at Fortinet LEAP 2022 Se...
Crayon Software Experts concludes its 3-city Connect Partner summit
Crayon Software Experts India has recently concluded the 3-city Crayon Connect partner sum...