CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45408 – Mozilla: Fullscreen notification bypass via windowName
https://notcve.org/view.php?id=CVE-2022-45408
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. A través de una serie de ventanas emergentes que reutilizan el nombre de la ventana, un atacante puede hacer que una ventana pase a pantalla completa sin que el usuario vea el mensaje de notificación, lo que genera una posible confusión del usuario o ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1793829 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45408 https://bugzilla.redhat.com/show_bug.cgi?id=2143201 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45409 – Mozilla: Use-after-free in Garbage Collection
https://notcve.org/view.php?id=CVE-2022-45409
The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. El recolector de basura podría haber sido abortado en varios estados y zonas y es posible que no se haya llamado a <code>GCRuntime::finishCollection</code>, lo que provocó un use after free y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1796901 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45409 https://bugzilla.redhat.com/show_bug.cgi?id=2143202 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45418 – Mozilla: Custom mouse cursor could have been drawn over browser UI
https://notcve.org/view.php?id=CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Si se especifica un cursor de mouse personalizado en CSS, bajo ciertas circunstancias el cursor podría haberse dibujado sobre la interfaz de usuario del navegador, lo que podría generar confusión en el usuario o ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox ESR < 102,5, Thunderbird < 102.5 y Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1795815 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45418 https://bugzilla.redhat.com/show_bug.cgi?id=2143241 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45406 – Mozilla: Use-after-free of a JavaScript Realm
https://notcve.org/view.php?id=CVE-2022-45406
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1791975 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45406 https://bugzilla.redhat.com/show_bug.cgi?id=2143200 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-45410 – Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
https://notcve.org/view.php?id=CVE-2022-45410
When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Cuando un ServiceWorker interceptó una solicitud con <code>FetchEvent</code>, el origen de la solicitud se perdió después de que ServiceWorker tomó posesión de ella. • https://bugzilla.mozilla.org/show_bug.cgi?id=1658869 https://www.mozilla.org/security/advisories/mfsa2022-47 https://www.mozilla.org/security/advisories/mfsa2022-48 https://www.mozilla.org/security/advisories/mfsa2022-49 https://access.redhat.com/security/cve/CVE-2022-45410 https://bugzilla.redhat.com/show_bug.cgi?id=2143203 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •