Monday, April 11, 2022

MFSA2022-14 Firefox: Security Vulnerabilities fixed in Firefox ESR 91.8 (CVE-2022-28285)

rapid7 vulnerabilities In: , 
Description
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read.
Solution(s)
  • mozilla-firefox-esr-upgrade-91_8


    • References
  • https://attackerkb.com/topics/cve-2022-28285
  • CVE - 2022-28285
  • http://www.mozilla.org/security/announce/2022/mfsa2022-14.html




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore