VDB
CVE-2022-34482
CVE-2022-34482
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Diese besitzen verschiedene Hintergründe, wie z.B. Use-after-Free-Fehlern, Speicherfehler oder unsichere Pop-Up-Windows. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.48% · 65.5th percentile
Risk Scores
EPSS Score
0.48%
65.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | Amazon Linux 2 | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle Solaris | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| Open Source | Open Source CentOS | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- https://www.mozilla.org/security/advisories/mfsa2022-24/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2022-26/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2022-25/ (circl)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1773717 (circl)
- CIRCL seen: CVE-2022-34478 (circl-sighting)
- https://bugzilla.mozilla.org/show_bug.cgi?id=845880 (cve.org)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
…and 6 more exploits
Timeline
- Jun 28, 2022 CVE Published
- Dec 23, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
- Jul 19, 2023 EPSS Score
- Aug 29, 2023 EPSS Score
- Sep 27, 2023 CVE Updated
- Oct 10, 2023 EPSS Score
- Nov 20, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0505.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0505 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-013.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-25/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/ advisory
- https://lists.debian.org/debian-security-announce/2022/msg00140.html advisory
- https://access.redhat.com/errata/RHSA-2022:5470 advisory
- https://access.redhat.com/errata/RHSA-2022:5474 advisory
- https://access.redhat.com/errata/RHSA-2022:5472 advisory
- https://access.redhat.com/errata/RHSA-2022:5478 advisory
- https://access.redhat.com/errata/RHSA-2022:5477 advisory
- https://access.redhat.com/errata/RHSA-2022:5469 advisory
- https://access.redhat.com/errata/RHSA-2022:5473 advisory
- https://lists.debian.org/debian-lts-announce/2022/06/msg00026.html advisory
- https://access.redhat.com/errata/RHSA-2022:5482 advisory
- https://access.redhat.com/errata/RHSA-2022:5481 advisory
- https://access.redhat.com/errata/RHSA-2022:5480 advisory
- https://access.redhat.com/errata/RHSA-2022:5479 advisory
- https://access.redhat.com/errata/RHSA-2022:5475 advisory
…and 24 more