2 hours Ago By Sharveya Parasnis
Explainer Briefly Slides The Indian Computer Emergency Response Team (CERT-IN) reported on October 17 a severe vulnerability in Mozilla Firefox and Thunderbird browsers that “could allow a remote attacker to execute arbitrary code in the targeted system.” The vulnerability affected Firefox versions prior to 131.2, Firefox ESR versions prior to 128.
3.1, 115.16.
1 and Thunderbird versions prior to 131.0.1, 128.
3.1 and 115.16.
0. The solution is to apply patches released by Mozilla, said the agency. According to CERT-IN’s report, the vulnerability exists due to use-after-free in Animation timeline.
The agency stated that an attacker could exploit this vulnerability by persuading a user to open a specially crafted web request, which would allow the hacker to execute arbitrary code on the system. “Use-after-free” is a type of software bug where a program continues to use a memory location that has already been freed. This can lead to unpredictable behavior or security vulnerabilities.
Operational since 2004, CERT-IN is the national nodal agency for responding to computer security incidents across the country. Also Read:.
