Multiple vulnerabilities in Mozilla Firefox
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 19 |
| CVE-ID | CVE-2022-34479 CVE-2022-34483 CVE-2022-34482 CVE-2022-34468 CVE-2022-34470 CVE-2022-34476 CVE-2022-34481 CVE-2022-34474 CVE-2022-34469 CVE-2022-34471 CVE-2022-34472 CVE-2022-34478 CVE-2022-2200 CVE-2022-34484 CVE-2022-34480 CVE-2022-34477 CVE-2022-34475 CVE-2022-34473 CVE-2022-34485 |
| CWE-ID | CWE-1021 CWE-357 CWE-254 CWE-416 CWE-20 CWE-190 CWE-807 CWE-388 CWE-939 CWE-94 CWE-119 CWE-824 CWE-346 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Mozilla Firefox Client/Desktop applications / Web browsers Firefox for Android Mobile applications / Apps for mobile phones |
| Vendor | Mozilla |
Security Bulletin
This security bulletin contains information about 19 vulnerabilities.
1) Improper Restriction of Rendered UI Layers or Frames
EUVDB-ID: #VU64750
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34479
CWE-ID:
CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper handling of resizing event for a popup window. A remote attacker can create a specially crafted website that can create a resized popup to overlay the address bar with its own content and perform spoofing attack.
Note, the vulnerability affects Linux installations only.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
2) Insufficient UI Warning of Dangerous Operations
EUVDB-ID: #VU64754
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34483
CWE-ID:
CWE-357 - Insufficient UI Warning of Dangerous Operations
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient UI warning when performing drag and drop operations. A remote attacker can trick the victim to drag and drop an image to a filesystem, manipulate the resulting filename to contain executable extension and execute arbitrary application on the system.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
3) Insufficient UI Warning of Dangerous Operations
EUVDB-ID: #VU64753
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34482
CWE-ID:
CWE-357 - Insufficient UI Warning of Dangerous Operations
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient UI warning when performing drag and drop operations. A remote attacker can trick the victim to drag and drop an image to a filesystem, manipulate the resulting filename to contain executable extension and execute arbitrary application on the system.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
4) Security features bypass
EUVDB-ID: #VU64752
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34468
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper handling of the CSP sandbox header without "allow-scripts" option. A remote attacker use an iframe to bypass implemented CSP restriction and execute scripts if the user clicks on a javascript: link.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
5) Use-after-free
EUVDB-ID: #VU64751
Risk: High
CVSSv3.1:
CVE-ID: CVE-2022-34470
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in nsSHistory when handling XML documents. A remote attacker can trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
6) Input validation error
EUVDB-ID: #VU64755
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34476
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to insufficient validation of an indefinite SEQUENCE inside an indefinite GROUP when parsing ASN.1. A remote attacker can trick the browser into accessing a malformed ASN.1 and perform spoofing attack.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
7) Integer overflow
EUVDB-ID: #VU64756
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34481
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the nsTArray_Impl::ReplaceElementsAt() function. A remote attacker can trick the victim to visit a specially crafted website, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
8) Security features bypass
EUVDB-ID: #VU64757
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34474
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error when handling sandboxed iframes with allow-top-navigation-by-user-activation. A remote attacker can pass a redirect header to an external protocol to the browser and force the browser to process the redirect. The browser however will prompt the user as appropriate.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
9) Security features bypass
EUVDB-ID: #VU64758
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34469
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error when handling TLC certificate errors on a domain protected by the HSTS header. A remote attacker can trick the victim into bypassing the error using the presented browser option.
Install updates from vendor's website.
Vulnerable software versionsFirefox for Android: 92.1.0 - 101.2.0
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
10) Reliance on Untrusted Inputs in a Security Decision
EUVDB-ID: #VU64759
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34471
CWE-ID:
CWE-807 - Reliance on Untrusted Inputs in a Security Decision
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to force downgrade existing browser addons.
The vulnerability exists due to missing verification of the advertised version when installing addon updates. When downloading an update for an addon, the downloaded addon update's version is not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
11) Error Handling
EUVDB-ID: #VU64760
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34472
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to influence browser behavior.
The vulnerability exists due to improper error handling when processing unavailable PAC file. If a PAC URL is set and the server that hosts the PAC is unreachable, OCSP requests are blocked, resulting in incorrect error pages being shown.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
12) Improper Authorization in Handler for Custom URL Scheme
EUVDB-ID: #VU64761
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-34478
CWE-ID:
CWE-939 - Improper Authorization in Handler for Custom URL Scheme
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insecure usage of URI handlers that allow usage of ms-msdt, search, and search-ms protocols. A remote attacker can trick the victim to click on a specially crafted link and execute arbitrary code on the system, if the victim accepts the browser prompt.
The vulnerability affects Firefox on Windows.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
13) Code Injection
EUVDB-ID: #VU64762
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-2200
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary JavaScript code.
The vulnerability exists due to improper input validation when handling JavaScript attributes. A remote attacker can pass undesired attributes to JavaScript object and perform prototype pollution and execute arbitrary JavaScript code in the browser.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
14) Buffer overflow
EUVDB-ID: #VU64763
Risk: High
CVSSv3.1:
CVE-ID: CVE-2022-34484
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 90.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
15) Access of Uninitialized Pointer
EUVDB-ID: #VU64764
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34480
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the browser.
The vulnerability exists due to a boundary error within the lg_init() function when handling several allocations. A remote attacker can cause browser crash.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
16) Origin validation error
EUVDB-ID: #VU64765
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34477
CWE-ID:
CWE-346 - Origin Validation Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to origin validation error. The MediaError message property should be consistent to avoid leaking information about cross-origin resources, however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
17) Security features bypass
EUVDB-ID: #VU64766
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34475
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper handling of SVG <use> tags that referenced a same-origin document. A remote attacker can bypass the HTML Sanitizer API by referencing a same-origin JavaScript file containing the script to be executed.
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
18) Security features bypass
EUVDB-ID: #VU64767
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-34473
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper handling of thexlink:hrefattribute of SVG <use> tags. A remote attacker can bypass the HTML Sanitizerand perform XSS attacks.Mitigation
Install updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
19) Buffer overflow
EUVDB-ID: #VU64768
Risk: High
CVSSv3.1:
CVE-ID: CVE-2022-34485
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMozilla Firefox: 92.0 - 101.0.1
CPE2.3 External links
http://www.mozilla.org/en-US/security/advisories/mfsa2022-24/
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?
