CVE-2022-38473 – Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
https://notcve.org/view.php?id=CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. A flaw was found in Mozilla.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1771685
• https://www.mozilla.org/security/advisories/mfsa2022-33
• https://www.mozilla.org/security/advisories/mfsa2022-34
• https://www.mozilla.org/security/advisories/mfsa2022-35
• https://www.mozilla.org/security/advisories/mfsa2022-36
• https://www.mozilla.org/security/advisories/mfsa2022-37
• https://access.redhat.com/security/cve/CVE-2022-38473
• https://bugzilla.redhat.com/show_bug.cgi?id=2120674
• CWE-281: Improper Preservation of Permissions
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CVE-2022-38472 – Mozilla: Address bar spoofing via XSLT error handling
https://notcve.org/view.php?id=CVE-2022-38472
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1769155
• https://www.mozilla.org/security/advisories/mfsa2022-33
• https://www.mozilla.org/security/advisories/mfsa2022-34
• https://www.mozilla.org/security/advisories/mfsa2022-35
• https://www.mozilla.org/security/advisories/mfsa2022-36
• https://www.mozilla.org/security/advisories/mfsa2022-37
• https://access.redhat.com/security/cve/CVE-2022-38472
• https://bugzilla.redhat.com/show_bug.cgi?id=2120673
• CWE-346: Origin Validation Error
• CWE-356: Product UI does not Warn User of Unsafe Actions
CVE-2022-38476 – Mozilla: Data race and potential use-after-free in PK11_ChangePW
https://notcve.org/view.php?id=CVE-2022-38476
A data race could occur in the PK11_ChangePW function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1760998
• https://www.mozilla.org/security/advisories/mfsa2022-34
• https://www.mozilla.org/security/advisories/mfsa2022-36
• https://access.redhat.com/security/cve/CVE-2022-38476
• https://bugzilla.redhat.com/show_bug.cgi?id=2120678
• CWE-416: Use After Free
CVE-2022-26385
https://notcve.org/view.php?id=CVE-2022-26385
In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1747526
• https://www.mozilla.org/security/advisories/mfsa2022-10
• CWE-416: Use After Free
CVE-2022-26382
https://notcve.org/view.php?id=CVE-2022-26382
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have led to this text being inferred by the webpage. This vulnerability affects Firefox < 98.
• https://bugzilla.mozilla.org/show_bug.cgi?id=1741888
• https://www.mozilla.org/security/advisories/mfsa2022-10
• CWE-203: Observable Discrepancy