Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. #CVE-2022-22739: Missing throttling on external protocol launch dialog Reporter Alesandro Ortiz Impact low Description This crash is believed to be unexploitable. #CVE-2022-22747: Crash when handling empty pkcs7 sequence Reporter Tavis Ormandy Impact low DescriptionĪfter accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This bug only affects Firefox for Windows. This could have lead to command injection if pasted into a Powershell prompt. The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. #CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection Reporter Mattias Jacobsson Impact moderate Description Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations References
#CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event Reporter Jannis Rautenstrauch Impact moderate Description Malicious websites could have confused Thunderbird into showing the wrong origin when asking to launch a program and handling an external URL protocol. #CVE-2022-22748: Spoofed origin on external protocol launch dialog Reporter Alesandro Ortiz Impact moderate Description It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. #CVE-2021-4140: Iframe sandbox bypass with XSLT Reporter Peter Van der Beken Impact high Description This could have lead to a use-after-free causing a potentially exploitable crash. #CVE-2022-22737: Race condition when playing audio files Reporter bo13oy of Cyber Kunlun Lab Impact high DescriptionĬonstructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. #CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur Reporter Atte Kettunen Impact high DescriptionĪpplying a CSS filter effect could have accessed out of bounds memory. #CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner Reporter bo13oy of Cyber Kunlun Lab Impact high DescriptionĬertain network request objects were freed too early when releasing a network request handle. When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. #CVE-2022-22741: Browser window spoof using fullscreen mode Reporter Irvan Kurniawan Impact high Description When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. #CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode Reporter Irvan Kurniawan Impact high Description
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. #CVE-2022-22743: Browser window spoof using fullscreen mode Reporter Irvan Kurniawan Impact high Description This bug only affects Thunderbird for Windows. #CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof Reporter Irvan Kurniawan Impact high DescriptionĪ race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed. Mozilla Foundation Security Advisory 2022-02 Security Vulnerabilities fixed in Firefox ESR 91.5 Announced JanuImpact high Products Firefox ESR Fixed in
0 kommentar(er)
