Mozilla Products Multiple Vulnerabilities
Release Date:
12 Jan 2022
4429
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, spoofing, remote code execution, denial of service condition, elevation of privilege, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Spoofing
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Firefox ESR version prior to 91.5
- Firefox version prior to 96
- Thunderbird version prior to 91.5
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Update to Firefox ESR version 91.5
- Update to Firefox version 96
- Update to Thunderbird version 91.5
Vulnerability Identifier
- CVE-2022-4410
- CVE-2022-22736
- CVE-2022-22737
- CVE-2022-22738
- CVE-2022-22739
- CVE-2022-22740
- CVE-2022-22741
- CVE-2022-22742
- CVE-2022-22743
- CVE-2022-22744
- CVE-2022-22745
- CVE-2022-22746
- CVE-2022-22747
- CVE-2022-22748
- CVE-2022-22749
- CVE-2022-22750
- CVE-2022-22751
- CVE-2022-22752
Source
Related Link
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-02/
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/
- https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/mozilla-releases-security-updates-firefox-firefox-esr-and
Related Tags
Share with