Multiple vulnerabilities in Mozilla Firefox



Published: 2022-05-31
Risk High
Patch available YES
Number of vulnerabilities 13
CVE-ID CVE-2022-31736
CVE-2022-31737
CVE-2022-31738
CVE-2022-31739
CVE-2022-31740
CVE-2022-31741
CVE-2022-31742
CVE-2022-31747
CVE-2022-31743
CVE-2022-31744
CVE-2022-31745
CVE-2022-1919
CVE-2022-31748
CWE-ID CWE-200
CWE-787
CWE-451
CWE-22
CWE-119
CWE-457
CWE-94
CWE-254
CWE-617
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Mozilla Firefox
Client/Desktop applications / Web browsers

Firefox ESR
Client/Desktop applications / Web browsers

Vendor Mozilla

Security Bulletin

This security bulletin contains information about 13 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU63872

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-31736

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when processing HTTP requests. A malicious website can obtain the size of a cross-origin resource that supported Range requests.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Out-of-bounds write

EUVDB-ID: #VU63873

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31737

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in WebGL when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Spoofing attack

EUVDB-ID: #VU63874

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31738

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when exiting fullscreen mode. A remote attacker can use an iframe to confused the browser about the current state of fullscreen and perform spoofing attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Path traversal

EUVDB-ID: #VU63875

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31739

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when saving downloaded files on Windows. A remote attacker can use the "%" character in filename to store data outside the intended directory using Windows environment variables, such as %HOMEPATH% or %APPDATA%.

The vulnerability affects Windows installations only.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Buffer overflow

EUVDB-ID: #VU63876

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31740

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error related to register allocation problem in WASM on arm64. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Use of Uninitialized Variable

EUVDB-ID: #VU63877

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31741

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) Information disclosure

EUVDB-ID: #VU63878

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31742

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error when handling a large number of allowCredential entries. A remote attacker can trick the victim to visit a specially crafted website, launch a timing attack and detect the difference between invalid key handles and cross-origin key handles. Successful exploitation of the vulnerability can lead to cross-origin account linking in violation of WebAuthn goals.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

8) Buffer overflow

EUVDB-ID: #VU63879

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31747

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 90.0 - 100.0.2

Firefox ESR: 91.0 - 91.9.1


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
http://www.mozilla.org/en-US/security/advisories/mfsa2022-21/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

9) Code Injection

EUVDB-ID: #VU63880

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-31743

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation when handling HTML comment tags. A remote attacker can abuse this error to perform XSS attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 100.0 - 100.0.2


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

10) Security features bypass

EUVDB-ID: #VU63881

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-31744

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when processing CSS stylesheets accessible via internal URIs, as "resource:". A remote attacker can bypass implemented Content Security Policy.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 100.0 - 100.0.2


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

11) Reachable Assertion

EUVDB-ID: #VU63882

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-31745

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect assertion when array shift operations are not used. The Garbage Collector can become confused about valid objects. This can lead to application crash.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 100.0 - 100.0.2


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

12) Buffer overflow

EUVDB-ID: #VU63883

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-1919

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing webp images. A remote attacker can trick the victim into visiting a specially crafted webpage, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 100.0 - 100.0.2


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

13) Buffer overflow

EUVDB-ID: #VU63884

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-31748

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Mozilla Firefox: 100.0 - 100.0.2


CPE2.3 External links

http://www.mozilla.org/en-US/security/advisories/mfsa2022-20/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###