Multiple vulnerabilities in Mozilla Firefox ESR

Description

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Memory safety vulnerability can be exploited to execute arbitrary code.
2. Denial of service vulnerability in window.print can be exploited to cause denial of service.
3. Memory corruption vulnerability in JS Engine can be exploited remotely to execute arbitrary code.
4. Information disclosure vulnerability in performance.getEntries for Windows can be exploited to obtain sensitive information.

Original advisories

• MFSA2022-45

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Mozilla-Firefox-ESR

CVE list

• CVE-2022-42932
  critical
• CVE-2022-42929
  high
• CVE-2022-42928
  critical
• CVE-2022-42927
  critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com