CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 5CVE-2022-28281 – Mozilla: Out of bounds write due to unexpected WebAuthN Extensions
https://notcve.org/view.php?id=CVE-2022-28281
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Si un proceso de contenido comprometido envió una cantidad inesperada de extensiones WebAuthN en un comando de registro al proceso principal, se habría producido una escritura fuera de los límites que provocaría daños en la memoria y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird < 91.8, Firefox < 99 y Firefox ESR < 91.8. The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. • https://github.com/0vercl0k/CVE-2022-28281 https://bugzilla.mozilla.org/show_bug.cgi?id=1755621 https://www.mozilla.org/security/advisories/mfsa2022-13 https://www.mozilla.org/security/advisories/mfsa2022-14 https://www.mozilla.org/security/advisories/mfsa2022-15 https://access.redhat.com/security/cve/CVE-2022-28281 https://bugzilla.redhat.com/show_bug.cgi?id=2072560 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-28289 – Mozilla: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
https://notcve.org/view.php?id=CVE-2022-28289
Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Los desarrolladores de Mozilla y miembros de la comunidad Nika Layzell, Andrew McCreight, Gabriele Svelto y el equipo Mozilla Fuzzing informaron sobre errores de seguridad de la memoria presentes en Thunderbird 91.7. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1663508%2C1744525%2C1753508%2C1757476%2C1757805%2C1758549%2C1758776 https://www.mozilla.org/security/advisories/mfsa2022-13 https://www.mozilla.org/security/advisories/mfsa2022-14 https://www.mozilla.org/security/advisories/mfsa2022-15 https://access.redhat.com/security/cve/CVE-2022-28289 https://bugzilla.redhat.com/show_bug.cgi?id=2072566 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-1097 – Mozilla: Use-after-free in NSSToken objects
https://notcve.org/view.php?id=CVE-2022-1097
<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Se hacía referencia a los objetos <code>NSSToken</code> a través de puntos directos y se podría haber accedido a ellos de forma insegura en diferentes subprocesos, lo que provocó un use after free y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird < 91.8, Firefox < 99 y Firefox ESR < 91.8. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1745667 https://www.mozilla.org/security/advisories/mfsa2022-13 https://www.mozilla.org/security/advisories/mfsa2022-14 https://www.mozilla.org/security/advisories/mfsa2022-15 https://access.redhat.com/security/cve/CVE-2022-1097 https://bugzilla.redhat.com/show_bug.cgi?id=2072559 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 5CVE-2022-28282 – Mozilla: Use-after-free in DocumentL10n::TranslateDocument
https://notcve.org/view.php?id=CVE-2022-28282
By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Al utilizar un enlace con <code>rel="localization"</code>, se podría haber activado un use-after-free al destruir un objeto durante la ejecución de JavaScript y luego hacer referencia al objeto a través de un puntero liberado, lo que provocaría un posible bloqueo explotable. Esta vulnerabilidad afecta a Thunderbird < 91.8, Firefox < 99 y Firefox ESR < 91.8. A flaw was found in Mozilla. • https://github.com/bb33bb/CVE-2022-28282-firefox https://bugzilla.mozilla.org/show_bug.cgi?id=1751609 https://www.mozilla.org/security/advisories/mfsa2022-13 https://www.mozilla.org/security/advisories/mfsa2022-14 https://www.mozilla.org/security/advisories/mfsa2022-15 https://access.redhat.com/security/cve/CVE-2022-28282 https://bugzilla.redhat.com/show_bug.cgi?id=2072562 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-26387 – Mozilla: Time-of-check time-of-use bug when verifying add-on signatures
https://notcve.org/view.php?id=CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7. Al instalar un complemento, Firefox verificaba la firma antes de avisar al usuario; pero mientras el usuario confirmaba el mensaje, el archivo complementario subyacente podría haberse modificado y Firefox no se habría dado cuenta. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1752979 https://www.mozilla.org/security/advisories/mfsa2022-10 https://www.mozilla.org/security/advisories/mfsa2022-11 https://www.mozilla.org/security/advisories/mfsa2022-12 https://access.redhat.com/security/cve/CVE-2022-26387 https://bugzilla.redhat.com/show_bug.cgi?id=2062222 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •