CVE-2022-38472 – Mozilla: Address bar spoofing via XSLT error handling
https://notcve.org/view.php?id=CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. Un atacante podría haber abusado del manejo de errores XSLT para asociar contenido controlado por el atacante con otro origen que se mostraba en la barra de direcciones. Esto podría haberse utilizado para engañar al usuario para que envíe datos destinados al origen falsificado. • https://bugzilla.mozilla.org/show_bug.cgi?id=1769155 https://www.mozilla.org/security/advisories/mfsa2022-33 https://www.mozilla.org/security/advisories/mfsa2022-34 https://www.mozilla.org/security/advisories/mfsa2022-35 https://www.mozilla.org/security/advisories/mfsa2022-36 https://www.mozilla.org/security/advisories/mfsa2022-37 https://access.redhat.com/security/cve/CVE-2022-38472 https://bugzilla.redhat.com/show_bug.cgi?id=2120673 • CWE-346: Origin Validation Error CWE-356: Product UI does not Warn User of Unsafe Actions •
CVE-2022-38476 – Mozilla: Data race and potential use-after-free in PK11_ChangePW
https://notcve.org/view.php?id=CVE-2022-38476
A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2. Podría producirse una carrera de datos en la función <code>PK11_ChangePW</code>, lo que podría provocar una vulnerabilidad de use-after-free. En Firefox, este bloqueo protegía los datos cuando un usuario cambiaba su contraseña maestra. • https://bugzilla.mozilla.org/show_bug.cgi?id=1760998 https://www.mozilla.org/security/advisories/mfsa2022-34 https://www.mozilla.org/security/advisories/mfsa2022-36 https://access.redhat.com/security/cve/CVE-2022-38476 https://bugzilla.redhat.com/show_bug.cgi?id=2120678 • CWE-416: Use After Free •
CVE-2022-2505 – Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1
https://notcve.org/view.php?id=CVE-2022-2505
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. Los desarrolladores de Mozilla y el equipo Mozilla Fuzzing informaron errores de seguridad de la memoria presentes en Firefox 102. Algunos de estos errores mostraron evidencia de corrupción de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1769739%2C1772824 https://www.mozilla.org/security/advisories/mfsa2022-28 https://www.mozilla.org/security/advisories/mfsa2022-30 https://www.mozilla.org/security/advisories/mfsa2022-32 https://access.redhat.com/security/cve/CVE-2022-2505 https://bugzilla.redhat.com/show_bug.cgi?id=2111910 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2022-36319 – Mozilla: Mouse Position spoofing with CSS transforms
https://notcve.org/view.php?id=CVE-2022-36319
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Al combinar propiedades CSS para desbordamiento y transformación, el cursor del mouse podría interactuar con coordenadas diferentes a las mostradas. Esta vulnerabilidad afecta a Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1 y Thunderbird < 91.12. The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. • https://bugzilla.mozilla.org/show_bug.cgi?id=1737722 https://www.mozilla.org/security/advisories/mfsa2022-28 https://www.mozilla.org/security/advisories/mfsa2022-29 https://www.mozilla.org/security/advisories/mfsa2022-30 https://www.mozilla.org/security/advisories/mfsa2022-31 https://www.mozilla.org/security/advisories/mfsa2022-32 https://access.redhat.com/security/cve/CVE-2022-36319 https://bugzilla.redhat.com/show_bug.cgi?id=2111907 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVE-2022-36318 – Mozilla: Directory indexes for bundled resources reflected URL parameters
https://notcve.org/view.php?id=CVE-2022-36318
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Al visitar listados de directorios para URL `chrome://` como texto fuente, se reflejaron algunos parámetros. Esta vulnerabilidad afecta a Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird< 102.1 y Thunderbird < 91.12. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1771774 https://www.mozilla.org/security/advisories/mfsa2022-28 https://www.mozilla.org/security/advisories/mfsa2022-29 https://www.mozilla.org/security/advisories/mfsa2022-30 https://www.mozilla.org/security/advisories/mfsa2022-31 https://www.mozilla.org/security/advisories/mfsa2022-32 https://access.redhat.com/security/cve/CVE-2022-36318 https://bugzilla.redhat.com/show_bug.cgi?id=2111908 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •