![]() ![]() One more vulnerability is an out-of-bounds memory access leading to a potentially exploitable crash, and the flaw has been tracked as CVE-2022-22742. The vulnerability can allow an attacker-controlled tab to prevent the browser from leaving fullscreen mode when the user navigates from inside an iframe. Another vulnerability is a fullscreen spoof in the Firefox browser window tracked as CVE-2022-22743. The vulnerability only impacts Firefox for Windows operating systems.A race condition could have allowed bypassing the fullscreen notification, which could have lead to a fullscreen window spoof being unnoticed. ![]() Out of the above vulnerabilities, the most severe one is a race condition issue tracked as CVE-2022-22746. Most of these vulnerabilities could lead to Race-Condition, Fullscreen access, out-of-bounds memory access, Use-after-free, heap buffer overflow, Iframe sandbox bypass with XSLT. The advisories for these products have been rated high severity. There are 18 vulnerabilities in Firefox,14 vulnerabilities in Firefox ESR, and 14 in Thunderbird that has been found and fixed. Mozilla has released security updates for Firefox, Firefox ESR, and mailing client Thunderbird. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |