Main Vulnerability Database Vulnerabilities #VU62809

#VU62809 Resource management error in Mozilla Thunderbird - CVE-2022-29913

Published: May 5, 2022

Vulnerability identifier: #VU62809

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-29913

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Thunderbird

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper management of internal resources when handling Speech Synthesis feature. The parent process does not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/

#VU62809 Resource management error in Mozilla Thunderbird - CVE-2022-29913

Description

Remediation

External links

Please verify you're human