CVE-2022-34484

2022-12-2200:00:00

mozilla

www.cve.org

mozilla fuzzing team

thunderbird 91.10

vulnerabilities

memory corruption

arbitrary code

firefox 102

firefox esr 91.11

9.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

CNA Affected

[
  {
    "vendor": "Mozilla",
    "product": "Firefox",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "102",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Firefox ESR",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "91.11",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Thunderbird",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "102",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "unspecified",
        "lessThan": "91.11",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]