CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1834 – Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email
https://notcve.org/view.php?id=CVE-2022-1834
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1767816 https://www.mozilla.org/security/advisories/mfsa2022-22 https://access.redhat.com/security/cve/CVE-2022-1834 https://bugzilla.redhat.com/show_bug.cgi?id=2092416 • CWE-295: Improper Certificate Validation CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31738 – Mozilla: Browser window spoof using fullscreen mode
https://notcve.org/view.php?id=CVE-2022-31738
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. Al salir del modo de pantalla completa, un iframe podría haber confundido al navegador sobre el estado actual de la pantalla completa, lo que podría generar confusión en el usuario o ataques de suplantación de identidad. Esta vulnerabilidad afecta a Thunderbird < 91.10, Firefox < 101 y Firefox ESR < 91.10. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1756388 https://www.mozilla.org/security/advisories/mfsa2022-20 https://www.mozilla.org/security/advisories/mfsa2022-21 https://www.mozilla.org/security/advisories/mfsa2022-22 https://access.redhat.com/security/cve/CVE-2022-31738 https://bugzilla.redhat.com/show_bug.cgi?id=2092021 • CWE-290: Authentication Bypass by Spoofing CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31742 – Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
https://notcve.org/view.php?id=CVE-2022-31742
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. Un atacante podría haber aprovechado un ataque de sincronización enviando una gran cantidad de entradas allowCredential y detectando la diferencia entre identificadores de claves no válidas y identificadores de claves de origen cruzado. Esto podría haber llevado a la vinculación de cuentas entre orígenes en violación de los objetivos de WebAuthn. • https://bugzilla.mozilla.org/show_bug.cgi?id=1730434 https://www.mozilla.org/security/advisories/mfsa2022-20 https://www.mozilla.org/security/advisories/mfsa2022-21 https://www.mozilla.org/security/advisories/mfsa2022-22 https://access.redhat.com/security/cve/CVE-2022-31742 https://bugzilla.redhat.com/show_bug.cgi?id=2092025 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31747 – Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
https://notcve.org/view.php?id=CVE-2022-31747
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. Los desarrolladores de Mozilla, Andrew McCreight, Nicolas B. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760765%2C1765610%2C1766283%2C1767365%2C1768559%2C1768734 https://www.mozilla.org/security/advisories/mfsa2022-20 https://www.mozilla.org/security/advisories/mfsa2022-21 https://www.mozilla.org/security/advisories/mfsa2022-22 https://access.redhat.com/security/cve/CVE-2022-31747 https://bugzilla.redhat.com/show_bug.cgi?id=2092026 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31741 – Mozilla: Uninitialized variable leads to invalid memory read
https://notcve.org/view.php?id=CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. Un mensaje CMS manipulado podría haberse procesado incorrectamente, lo que habría provocado una lectura de memoria no válida y, potencialmente, una mayor corrupción de la memoria. Esta vulnerabilidad afecta a Thunderbird < 91.10, Firefox < 101 y Firefox ESR < 91.10. The Mozilla Foundation Security Advisory describes this flaw as: A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. • https://bugzilla.mozilla.org/show_bug.cgi?id=1767590 https://www.mozilla.org/security/advisories/mfsa2022-20 https://www.mozilla.org/security/advisories/mfsa2022-21 https://www.mozilla.org/security/advisories/mfsa2022-22 https://access.redhat.com/security/cve/CVE-2022-31741 https://bugzilla.redhat.com/show_bug.cgi?id=2092024 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •