CVE-2022-34473 — Vulnetix

CVE-2022-34473 PUBLISHED

In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Diese besitzen verschiedene Hintergründe, wie z.B. Use-after-Free-Fehlern, Speicherfehler oder unsichere Pop-Up-Windows. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.

EPSS 0.44% · 63.5th percentile

Risk Scores

EPSS Score

0.44%

63.5th percentile

Affected Products

Vendor	Product	Versions
Debian	Debian Linux
Ubuntu	Ubuntu Linux
Red Hat	Red Hat Enterprise Linux
Oracle	Oracle Linux
SUSE	SUSE Linux
Oracle	Oracle Solaris
Gentoo	Gentoo Linux
Amazon	Amazon Linux 2
Open Source	Open Source CentOS

Exploit Intelligence

https://www.mozilla.org/security/advisories/mfsa2022-24/ (circl)
https://www.mozilla.org/security/advisories/mfsa2022-26/ (circl)
https://www.mozilla.org/security/advisories/mfsa2022-25/ (circl)
https://bugzilla.mozilla.org/show_bug.cgi?id=1773717 (circl)
CIRCL seen: CVE-2022-34478 (circl-sighting)

Timeline

Jun 28, 2022 CVE Published
Dec 23, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 16, 2023 EPSS Score
Apr 27, 2023 EPSS Score
Jun 7, 2023 EPSS Score
Jul 19, 2023 EPSS Score
Aug 29, 2023 EPSS Score
Sep 27, 2023 CVE Updated
Oct 10, 2023 EPSS Score
Nov 20, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0505.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0505 advisory
https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-013.html advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/ advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/ advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/ advisory
https://lists.debian.org/debian-security-announce/2022/msg00140.html advisory
https://access.redhat.com/errata/RHSA-2022:5470 advisory
https://access.redhat.com/errata/RHSA-2022:5474 advisory
https://access.redhat.com/errata/RHSA-2022:5472 advisory
https://access.redhat.com/errata/RHSA-2022:5478 advisory
https://access.redhat.com/errata/RHSA-2022:5477 advisory
https://access.redhat.com/errata/RHSA-2022:5469 advisory
https://access.redhat.com/errata/RHSA-2022:5473 advisory
https://lists.debian.org/debian-lts-announce/2022/06/msg00026.html advisory
https://access.redhat.com/errata/RHSA-2022:5482 advisory
https://access.redhat.com/errata/RHSA-2022:5481 advisory
https://access.redhat.com/errata/RHSA-2022:5480 advisory
https://access.redhat.com/errata/RHSA-2022:5479 advisory
https://access.redhat.com/errata/RHSA-2022:5475 advisory

…and 24 more

Open in Interactive Console →