ROS-20221007-04

Vulnerabilities in Firefox, Firefox ESR web browsers and Thunderbird email client are related to errors in the
in the presentation of information by the user interface. Exploitation of the vulnerability could allow
An attacker acting remotely could disclose protected information

Vulnerability in Mozilla Thunderbird email client is related to incorrect initialization of FeaturePolicy on
all pages during iframe navigation. Exploitation of the vulnerability could allow an attacker,
acting remotely, trick the victim into opening a specially crafted website, bypass the
FeaturePolicy restrictions, and force the browser to pass device permissions to insecure nested
documents

A vulnerability in the Mozilla Thunderbird email client is related to a post-release exploit error,
caused by simultaneous use of a URL parser with non-UTF-8 data.
Exploitation of the vulnerability could allow an attacker acting remotely to force a victim to visit a
a specially crafted website, cause a post-release usage error, and execute arbitrary
code on the system

A vulnerability in the SpiderMonkey JavaScript script handler of the Firefox, Firefox ESR and Thunderbird email clients is related to a copying vulnerability in the SpiderMonkey JavaScript script handler.
Thunderbird email client is related to buffer copying without checking the size of input data. Exploitation
the vulnerability could allow a remote attacker to execute arbitrary code by opening a specially crafted malicious web application.
A specially crafted malicious web page

PK11_ChangePW vulnerability in Mozilla Firefox browser, Thunderbird email client is related to memory usage after its release.
memory usage after it is freed. Exploitation of the vulnerability could allow an attacker,
acting remotely, to cause a denial of service

The vulnerability in Mozilla Thunderbird email client is related to the fact that some requests can ignore the
CSP base-uri settings when processing HTML base element injection. Exploitation of the vulnerability could
allow an attacker acting remotely to force the browser to accept the base of the injected element instead of the
source code, resulting in a content security policy bypass

A vulnerability in the matrix protocol implementation of the Thunderbird email client is related to errors in processing the
input data. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of service attack.
A denial of service (DoS) attack

Vulnerability in Mozilla Thunderbird email client is related to a bounds error during content processing.
HTML. Exploitation of the vulnerability could allow an attacker acting remotely to create a customized
Web site, trick the victim into opening it, cause memory corruption, and execute arbitrary code
on the target system

A vulnerability in the Thunderbird email client is related to input processing errors. Exploitation
vulnerability could allow a remote attacker to execute arbitrary JavaScript code by sending a specially crafted email to the target system.
by sending a specially crafted HTML email with the tag
metametahttp-equiv=“refresh”

Vulnerability in the XSLT (eXtensible Stylesheet Language Transformations) technology implementation of the mail client
Thunderbird, Firefox and Firefox ESR browsers is related to incorrect restriction of visualized layers or frames.
frames. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their
privileges

Mozilla Thunderbird email client vulnerability is related to improper cookie handling.
Exploitation of the vulnerability could allow an attacker acting remotely and having access to a shared subdomain to inject cookies into the mail client.
subdomain, could inject cookies with certain special characters, bypass the restriction of the
safe context for cookies prefixed with __Host and __Secure and overwrite those cookies,
which can lead to session-stealing attacks.

A vulnerability in the Mozilla Thunderbird email client is related to a data inconsistency in the instruction and
data cache when creating wasm code. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into using the wasm code.
remotely, trick the victim into opening a specially crafted web page, causing memory corruption
and possibly execute arbitrary code

A vulnerability in the Mozilla Thunderbird email client is related to insufficient cleaning of user data when visiting directory listings.
data when visiting directory listings for chrome:// URLs as source.
Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
HTML and script in a user’s browser in the context of a vulnerable website

Vulnerability in the XSLT (eXtensible Stylesheet Language Transformations) technology implementation of Firefox browser
and Thunderbird email client is related to incorrect operation of the user interface when the content is processed by the address bar.
processing content in the address bar. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the address bar.
remotely to conduct spoofing attacks

Firefox browser vulnerability is related to insufficient input data validation when processing values of array elements.
of array elements. Exploitation of the vulnerability could allow a remote attacker to bypass security restrictions.
security restrictions

Vulnerability in the isolated iframe environment of the Thunderbird email client is related to errors in input data processing.
input data. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions by sending specially crafted input data.
existing security restrictions by sending a specially crafted email.

Vulnerability in Thunderbird email client is related to input data processing errors. Exploitation
exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions by sending a specially crafted email.
security restrictions by sending a specially crafted email with the iframe srcdoc attribute.