Indian cyber agency flags multiple bugs in Chrome OS, Mozilla
In a report, the agency mentioned that the bugs could allow a remote attacker to disclose sensitive information.
By IANS | Updated:
ETtech
New Delhi: The Indian Computer Emergency Response Team (CERT-In) has flagged several bugs in Chrome OS and Mozilla products that may put various sensitive data at risk.
In a report, the agency mentioned that the bugs could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause a denial of service (DoS) attack on the targeted system.
"These vulnerabilities exist in Mozilla Firefox due to SQL injection in the history tab, Cross-Origin resources length leaked, Heap buffer overflow in WebGL, Browser window spoof using full-screen mode..." CERT-In said on its website.
A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially crafted web request.
"Successful exploitation of these vulnerabilities could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, and cause a denial of service (DoS) attack on the targeted system," as per CERT-In.
Users can upgrade to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10, and Mozilla Firefox 101 for better security.
Meanwhile, in March, the Central government said in the Rajya Sabha that the CERT-In has observed over 14 lakh cyber security incidents during 2021.
In a report, the agency mentioned that the bugs could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause a denial of service (DoS) attack on the targeted system.
"These vulnerabilities exist in Mozilla Firefox due to SQL injection in the history tab, Cross-Origin resources length leaked, Heap buffer overflow in WebGL, Browser window spoof using full-screen mode..." CERT-In said on its website.
A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially crafted web request.
"Successful exploitation of these vulnerabilities could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, and cause a denial of service (DoS) attack on the targeted system," as per CERT-In.
Users can upgrade to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10, and Mozilla Firefox 101 for better security.
ADVERTISEMENT
Meanwhile, in March, the Central government said in the Rajya Sabha that the CERT-In has observed over 14 lakh cyber security incidents during 2021.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
Related Articles
India's cybersecurity talent gap grows as skills prove hard to findADVERTISEMENT
