[MFSA-2022-33] Security Vulnerabilities fixed in Firefox 104

Severity High

Affected Packages 1

Fixed Packages 1

CVEs 6

CVE-2022-38472: Address bar spoofing via XSLT error handling (high)
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin.
CVE-2022-38473: Cross-origin XSLT Documents would have inherited the parent's permissions (high)
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access).
CVE-2022-38474: Recording notification not shown when microphone was recording on Android (low)
A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.<br />This bug only affects Firefox for Android. Other operating systems are unaffected.
CVE-2022-38475: Attacker could write a value to a zero-length array (low)
An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address.
CVE-2022-38477: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 (high)
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 (high)
Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Package	Affected Version
pkg:mozilla/Firefox	< 104

Package	Fixed Version
pkg:mozilla/Firefox	= 104

ID

MFSA-2022-33

Severity

high

URL

https://www.mozilla.org/en-US/security/advisories/mfsa2022-33

Published

2022-08-23T00:00:00
(2 years ago)

Modified

2022-08-23T00:00:00
(2 years ago)

Other Advisories

Source	# ID	Name	URL
Bugzilla	1769155		https://bugzilla.mozilla.org/show_bug.cgi?id=1769155
Bugzilla	1771685		https://bugzilla.mozilla.org/show_bug.cgi?id=1771685
Bugzilla	1719511		https://bugzilla.mozilla.org/show_bug.cgi?id=1719511
Bugzilla	1773266		https://bugzilla.mozilla.org/show_bug.cgi?id=1773266
Bugzilla	1760611	Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2	https://bugzilla.mozilla.org/show_bug.cgi?id=1760611
Bugzilla	1770219	Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2	https://bugzilla.mozilla.org/show_bug.cgi?id=1770219
Bugzilla	1771159	Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2	https://bugzilla.mozilla.org/show_bug.cgi?id=1771159
Bugzilla	1773363	Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2	https://bugzilla.mozilla.org/show_bug.cgi?id=1773363
Bugzilla	1770630	Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13	https://bugzilla.mozilla.org/show_bug.cgi?id=1770630
Bugzilla	1776658	Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13	https://bugzilla.mozilla.org/show_bug.cgi?id=1776658

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:mozilla/Firefox		Firefox	< 104
Fixed	pkg:mozilla/Firefox		Firefox	= 104

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date