Sunday, February 13, 2022

MFSA2022-05 Firefox: Security Vulnerabilities fixed in Firefox ESR 91.6 (CVE-2022-22753)

rapid7 vulnerabilities In: , 
Description
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.
Solution(s)
  • mozilla-firefox-esr-upgrade-91_6


    • References
  • https://attackerkb.com/topics/cve-2022-22753
  • CVE - 2022-22753
  • http://www.mozilla.org/security/announce/2022/mfsa2022-05.html




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore