CVE-2022-36319 – Mozilla: Mouse Position spoofing with CSS transforms
https://notcve.org/view.php?id=CVE-2022-36319
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Al combinar propiedades CSS para desbordamiento y transformación, el cursor del mouse podría interactuar con coordenadas diferentes a las mostradas. Esta vulnerabilidad afecta a Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1 y Thunderbird < 91.12. The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. • https://bugzilla.mozilla.org/show_bug.cgi?id=1737722 https://www.mozilla.org/security/advisories/mfsa2022-28 https://www.mozilla.org/security/advisories/mfsa2022-29 https://www.mozilla.org/security/advisories/mfsa2022-30 https://www.mozilla.org/security/advisories/mfsa2022-31 https://www.mozilla.org/security/advisories/mfsa2022-32 https://access.redhat.com/security/cve/CVE-2022-36319 https://bugzilla.redhat.com/show_bug.cgi?id=2111907 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVE-2022-36318 – Mozilla: Directory indexes for bundled resources reflected URL parameters
https://notcve.org/view.php?id=CVE-2022-36318
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Al visitar listados de directorios para URL `chrome://` como texto fuente, se reflejaron algunos parámetros. Esta vulnerabilidad afecta a Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird< 102.1 y Thunderbird < 91.12. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1771774 https://www.mozilla.org/security/advisories/mfsa2022-28 https://www.mozilla.org/security/advisories/mfsa2022-29 https://www.mozilla.org/security/advisories/mfsa2022-30 https://www.mozilla.org/security/advisories/mfsa2022-31 https://www.mozilla.org/security/advisories/mfsa2022-32 https://access.redhat.com/security/cve/CVE-2022-36318 https://bugzilla.redhat.com/show_bug.cgi?id=2111908 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-34468 – Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI
https://notcve.org/view.php?id=CVE-2022-34468
An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. Un iframe al que no se le permitía ejecutar scripts podría hacerlo si el usuario hacía clic en un enlace <code>javascript:</code>. Esta vulnerabilidad afecta a Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102 y Thunderbird < 91.11. The Mozilla Foundation Security Advisory describes this flaw as: An iframe that was not permitted to run scripts could do so if the user clicked on a `javascript:` link. • https://bugzilla.mozilla.org/show_bug.cgi?id=1768537 https://www.mozilla.org/security/advisories/mfsa2022-24 https://www.mozilla.org/security/advisories/mfsa2022-25 https://www.mozilla.org/security/advisories/mfsa2022-26 https://access.redhat.com/security/cve/CVE-2022-34468 https://bugzilla.redhat.com/show_bug.cgi?id=2102163 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-34472 – Mozilla: Unavailable PAC file resulted in OCSP requests being blocked
https://notcve.org/view.php?id=CVE-2022-34472
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. Si hubiera una URL de PAC configurada y no se pudiera acceder al servidor que aloja el PAC, las solicitudes de OCSP se habrían bloqueado, lo que provocaría que se mostraran páginas de error incorrectas. Esta vulnerabilidad afecta a Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102 y Thunderbird < 91.11. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1770123 https://www.mozilla.org/security/advisories/mfsa2022-24 https://www.mozilla.org/security/advisories/mfsa2022-25 https://www.mozilla.org/security/advisories/mfsa2022-26 https://access.redhat.com/security/cve/CVE-2022-34472 https://bugzilla.redhat.com/show_bug.cgi?id=2102166 • CWE-393: Return of Wrong Status Code •
CVE-2022-34481 – Mozilla: Potential integer overflow in ReplaceElementsAt
https://notcve.org/view.php?id=CVE-2022-34481
In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. En la función <code>nsTArray_Impl::ReplaceElementsAt()</code>, podría haber ocurrido un desbordamiento de enteros cuando la cantidad de elementos a reemplazar era demasiado grande para el contenedor. Esta vulnerabilidad afecta a Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102 y Thunderbird < 91.11. The Mozilla Foundation Security Advisory describes this flaw as: In the `nsTArray_Impl::ReplaceElementsAt()` function, where an integer overflow could occur when the number of elements to replace was too large for the container. • https://bugzilla.mozilla.org/show_bug.cgi?id=1497246 https://www.mozilla.org/security/advisories/mfsa2022-24 https://www.mozilla.org/security/advisories/mfsa2022-25 https://www.mozilla.org/security/advisories/mfsa2022-26 https://access.redhat.com/security/cve/CVE-2022-34481 https://bugzilla.redhat.com/show_bug.cgi?id=2102164 • CWE-190: Integer Overflow or Wraparound •