Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal networks hosts as well as services running on the users local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 87.0 (excluding) |
Firefox_esr | Mozilla | * | 78.9 (excluding) |
Thunderbird | Mozilla | * | 78.9 (excluding) |