Firefox, Thunderbird: Attackers could trap victims in full-screen mode

Share your love

Firefox, Firefox ESR and Thunderbird are vulnerable, attackers could, among other things, manipulate the full-screen mode or even run malicious code on computers.

In the alerts, Mozilla has the threat level of the vulnerabilities in the web browsers and din Mailclient mostly as “high“. After successful attacks, attackers could, for example, run tabs permanently in full-screen mode (CVE-2022-22743 “high“). Victims should not be able to end this state.

When pasting text (CVE-2022-22742″high“) memory errors (out-of-bounds) can occur. This is usually a gateway for malicious code. Playing audio can also lead to such errors (CVE-2022-22737 “high“).

The developers indicate security problems in the versions Firefox 96, Firefox ESR 91.5 and Thunderbird 91.5 to have solved.


Article Source

Read Also   Combi chip Ryzen 5700G from AMD, audio technology in the smart home | c't uplink 39.0
Share your love