Vulnerabilities > CVE-2021-29960 - Incorrect Resource Transfer Between Spheres vulnerability in Mozilla Firefox

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mozilla

CWE-669

NVD

Published: 2021-06-24

Updated: 2021-09-20

Summary

Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox 78.11.0 Mozilla Firefox 78.12.0 Mozilla Firefox 78.13.0 Mozilla Firefox 78.14.0 Mozilla Firefox 78.15.0 Mozilla Firefox 79.0 Mozilla Firefox 80.0 Mozilla Firefox 80.0.1 Mozilla Firefox 81.0 Mozilla Firefox 81.0.1 Mozilla Firefox 81.0.2 Mozilla Firefox 82.0 Mozilla Firefox 82.0.1 Mozilla Firefox 82.0.2 Mozilla Firefox 82.0.3 Mozilla Firefox 83.0 Mozilla Firefox 84.0 Mozilla Firefox 84.0.1 Mozilla Firefox 84.0.2 Mozilla Firefox 84.1.3 Mozilla Firefox 85.0 Mozilla Firefox 85.0.1 Mozilla Firefox 85.0.2 Mozilla Firefox 86.0 Mozilla Firefox 86.0.1 Mozilla Firefox 87.0 Mozilla Firefox 88.0 Mozilla Firefox 88.0.1	42

Common Weakness Enumeration (CWE)

CWE-669 - Incorrect Resource Transfer Between Spheres

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References