CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38472 – Mozilla: Address bar spoofing via XSLT error handling
https://notcve.org/view.php?id=CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. Un atacante podría haber abusado del manejo de errores XSLT para asociar contenido controlado por el atacante con otro origen que se mostraba en la barra de direcciones. Esto podría haberse utilizado para engañar al usuario para que envíe datos destinados al origen falsificado. • https://bugzilla.mozilla.org/show_bug.cgi?id=1769155 https://www.mozilla.org/security/advisories/mfsa2022-33 https://www.mozilla.org/security/advisories/mfsa2022-34 https://www.mozilla.org/security/advisories/mfsa2022-35 https://www.mozilla.org/security/advisories/mfsa2022-36 https://www.mozilla.org/security/advisories/mfsa2022-37 https://access.redhat.com/security/cve/CVE-2022-38472 https://bugzilla.redhat.com/show_bug.cgi?id=2120673 • CWE-346: Origin Validation Error CWE-356: Product UI does not Warn User of Unsafe Actions •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-38473 – Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
https://notcve.org/view.php?id=CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. Un iframe de origen cruzado que haga referencia a un documento XSLT heredaría los permisos del dominio principal (como el acceso al micrófono o la cámara). Esta vulnerabilidad afecta a Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2 y Firefox < 104. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1771685 https://www.mozilla.org/security/advisories/mfsa2022-33 https://www.mozilla.org/security/advisories/mfsa2022-34 https://www.mozilla.org/security/advisories/mfsa2022-35 https://www.mozilla.org/security/advisories/mfsa2022-36 https://www.mozilla.org/security/advisories/mfsa2022-37 https://access.redhat.com/security/cve/CVE-2022-38473 https://bugzilla.redhat.com/show_bug.cgi?id=2120674 • CWE-281: Improper Preservation of Permissions CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-38477 – Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
https://notcve.org/view.php?id=CVE-2022-38477
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104. La desarrolladora de Mozilla, Nika Layzell, y el equipo Mozilla Fuzzing informaron errores de seguridad de la memoria presentes en Firefox 103 y Firefox ESR 102.1. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haberse aprovechado para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363 https://www.mozilla.org/security/advisories/mfsa2022-33 https://www.mozilla.org/security/advisories/mfsa2022-34 https://www.mozilla.org/security/advisories/mfsa2022-36 https://access.redhat.com/security/cve/CVE-2022-38477 https://bugzilla.redhat.com/show_bug.cgi?id=2120695 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26385
https://notcve.org/view.php?id=CVE-2022-26385
In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98. En circunstancias inusuales, un subproceso individual puede sobrevivir al administrador del subproceso durante el cierre. Esto podría haber llevado a un use-after-free que provocó un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1747526 https://www.mozilla.org/security/advisories/mfsa2022-10 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-26382
https://notcve.org/view.php?id=CVE-2022-26382
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98. Si bien JavaScript no puede leer directamente el texto que se muestra en la información sobre herramientas de Autocompletar, el texto se representó utilizando fuentes de página. Los ataques de canal lateral al texto mediante el uso de fuentes especialmente manipuladas podrían haber llevado a que la página web infiera este texto. • https://bugzilla.mozilla.org/show_bug.cgi?id=1741888 https://www.mozilla.org/security/advisories/mfsa2022-10 • CWE-203: Observable Discrepancy •