PT-2022-3292 · Mozilla+10 · Thunderbird+11

Published

2022-06-28

·

Updated

2024-12-12

·

CVE-2022-34484

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 102 Firefox ESR versions prior to 91.11 Thunderbird versions prior to 102 Thunderbird versions prior to 91.11
Description The issue is related to potential vulnerabilities that could allow a remote attacker to execute arbitrary code, possibly due to memory corruption or buffer overflow. The vulnerability can be exploited by creating a special website that, when opened by the victim, can cause memory damage and allow the execution of arbitrary code in the target system.
Recommendations For Firefox versions prior to 102, update to version 102 or later. For Firefox ESR versions prior to 91.11, update to version 91.11 or later. For Thunderbird versions prior to 102, update to version 102 or later. For Thunderbird versions prior to 91.11, update to version 91.11 or later.

Exploit

Fix

Use After Free

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-119

Related Identifiers

ALSA-2022:5482
ALT-PU-2022-2151
ALT-PU-2022-2153
ALT-PU-2022-2458
ALT-PU-2022-2515
ALT-PU-2022-2929
ALT-PU-2022-2930
ALT-PU-2022-2931
ALT-PU-2023-1137
ALT-PU-2023-1138
ALT-PU-2023-1139
ALT-PU-2023-4335
ALT-PU-2023-4336
ALT-PU-2023-4339
BDU:2022-04029
CESA-2022_5469
CESA-2022_5470
CESA-2022_5479
CESA-2022_5480
CVE-2022-34484
DLA-3064-1
DSA-5172-1
DSA-5175-1
MGASA-2022-0251
MGASA-2022-0253
OESA-2023-1673
OESA-2023-1674
OPENSUSE-SU-2022_2313-1
OPENSUSE-SU-2022_2320-1
OPENSUSE-SU-2022_3281-1
OPENSUSE-SU-2022_3396-1
OPENSUSE-SU-2024:12161-1
OPENSUSE-SU-2024:12184-1
OPENSUSE-SU-2024:14572-1
RHSA-2022:5469
RHSA-2022:5470
RHSA-2022:5472
RHSA-2022:5473
RHSA-2022:5474
RHSA-2022:5475
RHSA-2022:5477
RHSA-2022:5478
RHSA-2022:5479
RHSA-2022:5480
RHSA-2022:5481
RHSA-2022:5482
RHSA-2022_5469
RHSA-2022_5470
RHSA-2022_5479
RHSA-2022_5480
RHSA-2022_5481
RHSA-2022_5482
RLSA-2022:5469
RLSA-2022:5470
SUSE-SU-2022:2279-1
SUSE-SU-2022:2289-1
SUSE-SU-2022:2313-1
SUSE-SU-2022:2320-1
SUSE-SU-2022:3272-1
SUSE-SU-2022:3273-1
SUSE-SU-2022:3281-1
SUSE-SU-2022:3396-1
USN-5504-1
USN-5512-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu