CERT-In has flagged bugs that can reveal sensitive information to remote attackers.- According to the agency, bugs have the capability of bypassing security restrictions.
- CERT-In has asked users to upgrade to the latest versions of Google
Chrome andMozilla Firefox browsers for better security.
In a report, the agency mentioned that the bugs could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause a denial of service (DoS) attack on the targeted system.
"These vulnerabilities exist in Mozilla Firefox due to SQL injection in the history tab, Cross-Origin resources length leaked, Heap buffer overflow in WebGL, Browser window spoof using full-screen mode..." CERT-In said on its website.
A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially crafted web request.
"Successful exploitation of these vulnerabilities could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, and cause a denial of service (DoS) attack on the targeted system," as per CERT-In.
Users can upgrade to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10, and Mozilla Firefox 101 for better security.
Meanwhile, in March, the Central government said in the Rajya Sabha that the CERT-In has observed over 14 lakh cyber security incidents during 2021.
SEE ALSO:
$4
Apple MacBook Air, MacBook Pro announced – price in India, specs and everything you need to know>$4