The Indian government has on Thursday identified vulnerabilities in Google Chrome and Mozilla Firefox products. According to the Centre's Indian Computer Emergency Response Team (CERT-In), Chrome versions prior to 96.0.4664.209 are affected by vulnerabilities that could be exploited by hackers.
Due to vulnerabilities in Firefox, attackers can disclose sensitive information and bypass security restrictions
The government in its statement said, "Multiple vulnerabilities have been reported in Google Chrome OS which could be exploited by an attacker to execute arbitrary code on the targeted system".
The CERT-In said that the vulnerabilities exist due to 'heap buffer overflow in V8 internationalization; use after free in the share sheet, performance manager, performance APIs, vulnerability reported in dev-libs; insufficient validation of untrusted input in data transfer and out of bounds memory access in UI shelf".
It added that successful exploitation of vulnerabilities could allow attackers to execute arbitrary code on the targeted system.
These vulnerabilities in Mozilla products can affect software such as Mozilla Firefox IOS version prior to 101; Mozilla Firefox Thunderbird version prior to 91.107; Mozilla Firefox ESR version prior to 91.10, and Mozilla Firefox version prior to 101.
"These vulnerabilities exist in Mozilla Firefox due to SQL Injection in the history tab, Cross-Origin resources length leaked, H overflow in WebGL, Browser window spoofing using full-screen mode...," the CERT-In added.
As a solution, the CERT-In has advised Firefox users to upgrade it to OS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10 and Mozilla Firefox 101.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
