26 matches found
Astra Linux - уязвимость в firefox, thunderbird
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...
SUSE CVE-2022-46879
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
SUSE CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
SUSE CVE-2022-45420
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
CVE-2022-45415
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox 107...
CVE-2022-45407
The CVE-2022-45407 entry describes a Firefox vulnerability where loading a font via FontFace() on a background worker could trigger a use-after-free, potentially enabling a crash. Affected product: Mozilla Firefox prior to version 107. Root cause: memory safety issue in handling FontFace() usage ...
CVE-2022-46883
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
CVE-2022-45413
Using the S.browserfallbackurl parameter parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox 107...
CVE-2022-45407
If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...
Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we...
Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we...
CVE-2022-46878
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we...
UBUNTU-CVE-2022-46879
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...
Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of...