Mozilla Products Multiple Vulnerabilities
Last Update Date: 23 Dec 2022 Release Date: 14 Dec 2022
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.
[Updated on 2022-12-23]
Updated System / Technologies affected, Solutions and Related Links.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
Versions prior to:
- Firefox 108
- Firefox ESR 102.6
- Thunderbird 102.6.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 108
- Firefox ESR 102.6
- Thunderbird 102.6.1
Vulnerability Identifier
- CVE-2022-46871
- CVE-2022-46872
- CVE-2022-46873
- CVE-2022-46874
- CVE-2022-46875
- CVE-2022-46877
- CVE-2022-46878
- CVE-2022-46879
- CVE-2022-46880
- CVE-2022-46881
- CVE-2022-46882
Source
Related Link
- https://www.auscert.org.au/bulletins/ESB-2022.6480
- https://www.auscert.org.au/bulletins/ESB-2022.6479
- https://www.auscert.org.au/bulletins/ESB-2022.6478
- https://www.auscert.org.au/bulletins/ESB-2022.6657
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/
沒有留言:
發佈留言