Indian cyber agency CERT-In flags multiple bugs in Chrome and Mozilla browsers

• CERT-In has flagged bugs that can reveal sensitive information to remote attackers.
• According to the agency, bugs have the capability of bypassing security restrictions.
• CERT-In has asked users to upgrade to the latest versions of Google Chrome and Mozilla Firefox browsers for better security.

The Indian Computer Emergency Response Team (CERT-In) has flagged several bugs in Chrome OS and Mozilla products that may put various sensitive data at risk.

In a report, the agency mentioned that the bugs could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause a denial of service (DoS) attack on the targeted system.

"These vulnerabilities exist in Mozilla Firefox due to SQL injection in the history tab, Cross-Origin resources length leaked, Heap buffer overflow in WebGL, Browser window spoof using full-screen mode..." CERT-In said on its website.

A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially crafted web request.

"Successful exploitation of these vulnerabilities could allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, and cause a denial of service (DoS) attack on the targeted system," as per CERT-In.

Users can upgrade to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10, and Mozilla Firefox 101 for better security.

Meanwhile, in March, the Central government said in the Rajya Sabha that the CERT-In has observed over 14 lakh cyber security incidents during 2021.

SEE ALSO:
iOS 16 update – here are the devices that will support iOS 16 and iPadOS 16
Apple MacBook Air, MacBook Pro announced – price in India, specs and everything you need to know