CVE-2022-40961

Опубликовано: 22 дек. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.
This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox < 105.

Ссылки

https://bugzilla.mozilla.org/show_bug.cgi?id=1784588
Issue Tracking
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2022-40/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1784588
Issue Tracking
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2022-40/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Версия до 105.0 (исключая)

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00231

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-40961

CVSS3: 6.5

ubuntu

около 3 лет назад

During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105.

CVE-2022-40961

CVSS3: 6.5

debian

около 3 лет назад

During startup, a graphics driver with an unexpected name could lead t ...

GHSA-7526-6xhc-xh2w

CVSS3: 6.5

github

около 3 лет назад

BDU:2022-07017

CVSS3: 8.8

fstec

больше 3 лет назад

Уязвимость графического драйвера браузера Mozilla Firefox для Android, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 46%

0.00231

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787