Rewterz Threat Alert – BlackMoon Banking Trojan – Active IOCs
April 6, 2022Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
April 6, 2022Rewterz Threat Alert – BlackMoon Banking Trojan – Active IOCs
April 6, 2022Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
April 6, 2022Severity
High
Analysis Summary
CVE-2022-28281 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write due to unexpected WebAuthN Extensions. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2022-28282 CVSS:6.5
Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free in DocumentL10n::TranslateDocument. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the browser to crash.
CVE-2022-28283 CVSS:6.3
Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by missing security checks for fetching sourceMapURL. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions.
CVE-2022-28284 CVSS:6.5
Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by an error when using svg’s use element. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to load unexpected content that could have executed script in certain circumstances.
CVE-2022-28285 CVSS:6.5
Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by an incorrect AliasSet used in JIT Codegen. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to trigger out-of-bounds memory read.
CVE-2022-28286 CVSS:6.5
Mozilla Firefox could allow a remote attacker to conduct spoofing attacks, caused by the rendering of iframe contents outside of its border. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to conduct a spoofing attack.
CVE-2022-24713 CVSS:6.5
Mozilla Firefox is vulnerable to a denial of service, caused by the failure to properly prevent crafted regular expressions from taking an arbitrary amount of time during parsing by the rust regex crate. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the browser to crash.
CVE-2022-28289 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2022-28288 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE-2022-1196 CVSS:6.5
Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free after VR Process destruction. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the browser to crash.
Impact
- Code Execution
- Denial of Service
- Security Bypass
- Information Disclosure
- Gain Access
Indicator Of Compromise
CVE
- CVE-2022-28281
- CVE-2022-28282
- CVE-2022-28283
- CVE-2022-28284
- CVE-2022-28285
- CVE-2022-28286
- CVE-2022-24713
- CVE-2022-28289
- CVE-2022-28288
- CVE-2022-1196
Affected Vendors
Mozilla
Affected Products
- Mozilla Firefox 98
- Mozilla Firefox ESR 91.7
Remediation
Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.