Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.

CPENameOperatorVersion
firefoxlt108.0
firefox_esrlt102.6
thunderbirdlt102.6

Name	Operator	Version
firefox	lt	108.0
firefox_esr	lt	102.6
thunderbird	lt	102.6

References

bugzilla.mozilla.org/buglist.cgi?bug_id=1782219%2C1797370%2C1797685%2C1801102%2C1801315%2C1802395

security.gentoo.org/glsa/202305-06

security.gentoo.org/glsa/202305-13

www.mozilla.org/security/advisories/mfsa2022-51/

www.mozilla.org/security/advisories/mfsa2022-52/

www.mozilla.org/security/advisories/mfsa2022-53/

cvelist 1

cve 1

cnvd 1

redhatcve 1

ubuntucve 1

veracode 1

alpinelinux 1

debiancve 1

nvd 1

openvas 23

debian 4

nessus 55

oraclelinux 6

mageia 2

redhat 16

osv 13

almalinux 4

altlinux 2

slackware 2

kaspersky 3

ubuntu 4

rocky 2

mozilla 3

ibm 2

gentoo 2

amazon 2

photon 1

cvelist

CVE-2022-46878

2022-12-22 00:00:00

cve

CVE-2022-46878

2022-12-22 20:15:46

cnvd

Mozilla Firefox Memory Corruption Vulnerability (CNVD-2023-75349)

2022-12-19 00:00:00

redhatcve

CVE-2022-46878

2022-12-14 16:05:19

ubuntucve

CVE-2022-46878

2022-12-14 00:00:00

veracode

Denial Of Service (DoS)

2022-12-15 23:25:38

alpinelinux

CVE-2022-46878

2022-12-22 20:15:46

debiancve

CVE-2022-46878

2022-12-22 20:15:46

nvd

CVE-2022-46878

2022-12-22 20:15:46

openvas

Mozilla Thunderbird Security Advisories (MFSA2022-51, MFSA2022-53) - Windows

2022-12-16 00:00:00

Mozilla Firefox ESR Security Advisories (MFSA2022-51, MFSA2022-53) - Windows

2022-12-16 00:00:00

Mozilla Firefox Security Advisories (MFSA2022-51, MFSA2022-53) - Windows

2022-12-16 00:00:00

debian

[SECURITY] [DLA 3241-1] firefox-esr security update

2022-12-15 18:16:56

[SECURITY] [DLA 3242-1] thunderbird security update

2022-12-15 18:22:21

[SECURITY] [DSA 5301-1] firefox-esr security update

2022-12-14 18:15:26

nessus

AlmaLinux 9 : firefox (ALSA-2022:9065)

2022-12-16 00:00:00

RHEL 9 : firefox (RHSA-2022:9066)

2022-12-16 00:00:00

RHEL 8 : firefox (RHSA-2022:9067)

2022-12-19 00:00:00

oraclelinux

firefox security update

2022-12-16 00:00:00

firefox security update

2022-12-16 00:00:00

thunderbird security update

2022-12-16 00:00:00

mageia

Updated thunderbird packages fix security vulnerability

2022-12-17 23:37:44

Updated firefox packages fix security vulnerability

2022-12-17 23:37:44

redhat

(RHSA-2022:9071) Important: firefox security update

2022-12-15 15:40:28

(RHSA-2022:9067) Important: firefox security update

2022-12-15 15:32:10

(RHSA-2022:9072) Important: firefox security update

2022-12-15 15:41:01

osv

Important: firefox security update

2022-12-15 15:32:10

Important: firefox security update

2022-12-15 00:00:00

thunderbird - security update

2022-12-15 00:00:00

almalinux

Important: firefox security update

2022-12-15 00:00:00

Important: thunderbird security update

2022-12-15 00:00:00

Important: firefox security update

2022-12-15 00:00:00

altlinux

Security fix for the ALT Linux 10 package firefox-esr version 102.6.0-alt1

2022-12-22 00:00:00

Security fix for the ALT Linux 10 package thunderbird version 102.6.0-alt1

2022-12-23 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2022-12-14 21:30:37

[slackware-security] mozilla-firefox

2022-12-14 21:30:17

kaspersky

KLA20115 Multiple vulnerabilities in Mozilla Thunderbird

2022-12-13 00:00:00

KLA20114 Multiple vulnerabilities in Mozilla Firefox ESR

2022-12-13 00:00:00

KLA20113 Multiple vulnerabilities in Mozilla Firefox

2022-12-13 00:00:00

ubuntu

Firefox regressions

2023-01-10 00:00:00

Firefox vulnerabilities

2022-12-15 00:00:00

Firefox regressions

2023-01-05 00:00:00

rocky

firefox security update

2022-12-15 15:32:10

thunderbird security update

2023-01-14 01:54:53

mozilla

Security Vulnerabilities fixed in Firefox ESR 102.6 — Mozilla

2022-12-13 00:00:00

Security Vulnerabilities fixed in Thunderbird 102.6 — Mozilla

2022-12-13 00:00:00

Security Vulnerabilities fixed in Firefox 108 — Mozilla

2022-12-13 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.6ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16

2023-02-15 10:00:54

Security Bulletin: Due to use of Mozilla Firefox, IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities.

2023-08-31 11:04:58

gentoo

Mozilla Thunderbird: Multiple Vulnerabilities

2023-05-03 00:00:00

Mozilla Firefox: Multiple Vulnerabilities

2023-05-03 00:00:00

amazon

Important: thunderbird

2023-02-17 00:11:00

Important: thunderbird

2023-02-17 00:11:00

photon

Critical Photon OS Security Update - PHSA-2023-5.0-0035

2023-06-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for PRION:CVE-2022-46878