Resource management error in Mozilla Thunderbird - CVE-2022-29913
Published: May 5, 2022
Vulnerability identifier: #VU62809
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-29913
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Mozilla
Affected software:
Mozilla Thunderbird
Mozilla Thunderbird
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improper management of internal resources when handling Speech Synthesis feature. The parent process does not properly check whether the Speech Synthesis
feature is enabled, when receiving instructions from a child process.
How to mitigate CVE-2022-29913
Install updates from vendor's website.