mickmick.net

Mozilla Firefox Multiple Vulnerabilities

Release Date: 27 Jul 2022

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Firefox. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

---

Impact

• Remote Code Execution
• Security Restriction Bypass
• Information Disclosure
• Spoofing
• Denial of Service
• Data Manipulation

---

System / Technologies affected

Versions prior to:

 

• Firefox 103
• Firefox ESR 91.12
• Firefox ESR 102.1

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox 103
• Firefox ESR 91.12
• Firefox ESR 102.1

---

Vulnerability Identifier

• CVE-2022-2505
• CVE-2022-36314
• CVE-2022-36315
• CVE-2022-36316
• CVE-2022-36317
• CVE-2022-36318
• CVE-2022-36319
• CVE-2022-36320

---

Source

• Mozilla

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2022-28
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-29
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-30