CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43529 – thunderbird: Memory corruption when processing S/MIME messages
https://notcve.org/view.php?id=CVE-2021-43529
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. A flaw was found in Thunderbird, which is vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. • https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-43529 https://access.redhat.com/security/cve/CVE-2021-43529 https://bugzilla.redhat.com/show_bug.cgi?id=2088353 https://access.redhat.com/security/cve/CVE-2021-43527 https://access.redhat.com/security/vulnerabilities/RHSB-2021-008 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4126
https://notcve.org/view.php?id=CVE-2021-4126
When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1. Al recibir un mensaje de correo electrónico firmado con OpenPGP/MIME que contiene una capa de mensaje MIME externa adicional, por ejemplo un pie de página de mensaje agregado por una puerta de enlace de lista de correo, Thunderbird solo consideró el mensaje firmado interno para la validez de la firma. • https://bugzilla.mozilla.org/show_bug.cgi?id=1732310 https://www.mozilla.org/security/advisories/mfsa2021-55 •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-22740 – Mozilla: Use-after-free of ChannelEventQueue::mOwner
https://notcve.org/view.php?id=CVE-2022-22740
Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Ciertos objetos de solicitud de red se liberaron demasiado pronto al liberar un identificador de solicitud de red. Esto podría haber dado lugar a un use-after-free que provocaría un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1742334 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2022-22740 https://bugzilla.redhat.com/show_bug.cgi?id=2039565 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22751 – Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
https://notcve.org/view.php?id=CVE-2022-22751
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Los desarrolladores de Mozilla, Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke y Steve Fink informaron sobre errores de seguridad de la memoria presentes en Firefox 95 y Firefox ESR 91.4. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2022-22751 https://bugzilla.redhat.com/show_bug.cgi?id=2039574 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22743 – Mozilla: Browser window spoof using fullscreen mode
https://notcve.org/view.php?id=CVE-2022-22743
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Al navegar desde dentro de un iframe mientras se solicita acceso a pantalla completa, una pestaña controlada por un atacante podría haber impedido que el navegador saliera del modo de pantalla completa. Esta vulnerabilidad afecta a Firefox ESR < 91.5, Firefox < 96 y Thunderbird < 91.5. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1739220 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2022-22743 https://bugzilla.redhat.com/show_bug.cgi?id=2039561 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •