Test ID:	1.3.6.1.4.1.25623.1.0.819952
Category:	General
Title:	Mozilla Firefox Security Advisories (MFSA2021-55, MFSA2022-03) - Mac OS X
Summary:	Mozilla Firefox ESR is prone to multiple; vulnerabilities.
Description:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to, - Browser window spoof using fullscreen mode. - Out-of-bounds memory access when inserting text in edit mode. - Use-after-free of ChannelEventQueue::mOwner. - Heap-buffer-overflow in blendGaussianBlur. - Race condition when playing audio files. - Iframe sandbox bypass with XSLT. - Spoofed origin on external protocol launch dialog. - Leaking cross-origin URLs through securitypolicyviolation event. - Crash when handling empty pkcs7 sequence. - Missing throttling on external protocol launch dialog. - Memory safety bugs. Vulnerability Impact: Successful exploitation will allow attackers to conduct spoofing, denail of service, execute arbitrary commands and disclose sensitive information. Affected Software/OS: Mozilla Firefox version before 96 on Mac OS X. Solution: Upgrade to Mozilla Firefox version 96 or later, Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-22743 https://bugzilla.mozilla.org/show_bug.cgi?id=1739220 https://www.mozilla.org/security/advisories/mfsa2022-01/ https://www.mozilla.org/security/advisories/mfsa2022-02/ https://www.mozilla.org/security/advisories/mfsa2022-03/ Common Vulnerability Exposure (CVE) ID: CVE-2022-22742 https://bugzilla.mozilla.org/show_bug.cgi?id=1739923 Common Vulnerability Exposure (CVE) ID: CVE-2022-22741 https://bugzilla.mozilla.org/show_bug.cgi?id=1740389 Common Vulnerability Exposure (CVE) ID: CVE-2022-22740 https://bugzilla.mozilla.org/show_bug.cgi?id=1742334 Common Vulnerability Exposure (CVE) ID: CVE-2022-22738 https://bugzilla.mozilla.org/show_bug.cgi?id=1742382 Common Vulnerability Exposure (CVE) ID: CVE-2022-22737 https://bugzilla.mozilla.org/show_bug.cgi?id=1745874 Common Vulnerability Exposure (CVE) ID: CVE-2021-4140 https://bugzilla.mozilla.org/show_bug.cgi?id=1746720 Common Vulnerability Exposure (CVE) ID: CVE-2022-22750 https://bugzilla.mozilla.org/show_bug.cgi?id=1566608 Common Vulnerability Exposure (CVE) ID: CVE-2022-22748 https://bugzilla.mozilla.org/show_bug.cgi?id=1705211 Common Vulnerability Exposure (CVE) ID: CVE-2022-22745 https://bugzilla.mozilla.org/show_bug.cgi?id=1735856 Common Vulnerability Exposure (CVE) ID: CVE-2022-22747 https://bugzilla.mozilla.org/show_bug.cgi?id=1735028 Common Vulnerability Exposure (CVE) ID: CVE-2022-22739 https://bugzilla.mozilla.org/show_bug.cgi?id=1744158 Common Vulnerability Exposure (CVE) ID: CVE-2022-22751 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664149%2C1737816%2C1739366%2C1740274%2C1740797%2C1741201%2C1741869%2C1743221%2C1743515%2C1745373%2C1746011 Common Vulnerability Exposure (CVE) ID: CVE-2022-22752 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1741210%2C1742770
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.