VDB
CVE-2022-42930
CVE-2022-42930
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Thunderbird existieren mehrere Schwachstellen. Diese sind auf Speicherfehler, Fehler in verschiedenen Funktonen oder Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren oder sonstige Auswirkungen zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.27% · 51.2th percentile
Risk Scores
EPSS Score
0.27%
51.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | Amazon Linux 2 | |
| IGEL | IGEL OS < 11.08.290 | |
| Red Hat | Red Hat Enterprise Linux | |
| Xerox | Xerox FreeFlow Print Server | |
| Oracle | Oracle Linux | |
| Gentoo | Gentoo Linux | |
| Debian | Debian Linux | |
| Mozilla | Mozilla Thunderbird < 102.4 | |
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux |
Exploit Intelligence
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
- cve_test.go (github-poc)
Timeline
- Oct 18, 2022 CVE Published
- Dec 23, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
- Jul 19, 2023 EPSS Score
- Aug 29, 2023 EPSS Score
- Oct 10, 2023 EPSS Score
- Nov 16, 2023 CVE Updated
- Nov 20, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1791.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1791 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-017.html advisory
- https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-44/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-45/ advisory
- https://www.debian.org/security/2022/dsa-5259 advisory
- https://lists.debian.org/debian-lts-announce/2022/10/msg00025.html advisory
- https://access.redhat.com/errata/RHSA-2022:7066 advisory
- https://access.redhat.com/errata/RHSA-2022:7070 advisory
- https://access.redhat.com/errata/RHSA-2022:7072 advisory
- https://access.redhat.com/errata/RHSA-2022:7071 advisory
- https://access.redhat.com/errata/RHSA-2022:7069 advisory
- https://access.redhat.com/errata/RHSA-2022:7068 advisory
- https://linux.oracle.com/errata/ELSA-2022-7071.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2022-46/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012635.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012666.html advisory
- https://linux.oracle.com/errata/ELSA-2022-7070.html advisory
- https://access.redhat.com/errata/RHSA-2022:7178 advisory
…and 20 more