Multiple vulnerabilities in Mozilla Firefox

Описание

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

1. Memory safety vulnerability can be exploited to execute arbitrary code.
2. Code execution vulnerability in Download Protection can be exploited to execute arbitrary code.
3. Information disclosure vulnerability in Content process can be exploited to obtain sensitive information.
4. Security bypass vulnerability in CSP directive can be exploited to bypass security restrictions.
5. Code execution vulnerability in Drag and Drop can be exploited to execute arbitrary code.
6. Security UI vulnerability in Fullscreen notification can be exploited to spoof user interface.
7. Security bypass vulnerability in libusrsctp can be exploited to bypass security restrictions.

Первичный источник обнаружения

• MFSA2022-51
  

Связанные продукты

• Mozilla-Firefox

Список CVE

• CVE-2022-46878
  critical
• CVE-2022-46875
  high
• CVE-2022-46872
  critical
• CVE-2022-46873
  critical
• CVE-2022-46874
  critical
• CVE-2022-46877
  warning
• CVE-2022-46879
  critical
• CVE-2022-46871
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com