PT-2022-3656 · Mozilla+8 · Thunderbird+10
Andrew Mccreight
+1
·
Published
2022-05-31
·
Updated
2024-12-12
·
CVE-2022-31747
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Firefox versions 100 and earlier
Firefox ESR versions 91.9 and earlier
Thunderbird versions 91.9 and earlier
Description
The issue is related to memory safety bugs, which could potentially be exploited to run arbitrary code. It is also associated with a buffer copy without checking the size of the input data, allowing a remote attacker to cause a denial of service or execute arbitrary code.
Recommendations
For Firefox versions 100 and earlier, update to version 101 or later.
For Firefox ESR versions 91.9 and earlier, update to version 91.10 or later.
For Thunderbird versions 91.9 and earlier, update to version 91.10 or later.
Exploit
Fix
Out of bounds Read
Buffer Overflow
Memory Corruption
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu