===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.3656
        MFSA 2022-28 Security Vulnerabilities fixed in Firefox 103
                               28 July 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Firefox
Publisher:         Mozilla
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-36320 CVE-2022-36319 CVE-2022-36318
                   CVE-2022-36317 CVE-2022-36316 CVE-2022-36315
                   CVE-2022-36314 CVE-2022-2505 

Original Bulletin: 
   https://www.mozilla.org/en-US/security/advisories/mfsa2022-28/

Comment: CVSS (Max):  None available when published

--------------------------BEGIN INCLUDED TEXT--------------------

Mozilla Foundation Security Advisory 2022-28

Security Vulnerabilities fixed in Firefox 103

Announced: July 26, 2022
Impact:    moderate
Products:  Firefox
Fixed in:  Firefox 103

# CVE-2022-36319: Mouse Position spoofing with CSS transforms

Reporter: Irvan Kurniawan
Impact:   moderate

Description

When combining CSS properties for overflow and transform, the mouse cursor
could interact with different coordinates than displayed.

References

  o Bug 1737722

# CVE-2022-36317: Long URL would hang Firefox for Android

Reporter: Irwan
Impact:   moderate

Description

When visiting a website with an overly long URL, the user interface would start
to hang. Due to session restore, this could lead to a permanent Denial of
Service.

This bug only affects Firefox for Android. Other operating systems are
unaffected.

References

  o Bug 1759951

# CVE-2022-36318: Directory indexes for bundled resources reflected URL
parameters

Reporter: Gijs Kruitbosch
Impact:   moderate

Description

When visiting directory listings for chrome:// URLs as source text, some
parameters were reflected.

References

  o Bug 1771774

# CVE-2022-36314: Opening local .lnk files could cause unexpected network loads

Reporter: akucybersec
Impact:   moderate

Description

When opening a Windows shortcut from the local filesystem, an attacker could
supply a remote path that would lead to unexpected network requests from the
operating system.

This bug only affects Firefox for Windows. Other operating systems are
unaffected.

References

  o Bug 1773894

# CVE-2022-36315: Preload Cache Bypasses Subresource Integrity

Reporter: Hiroshige Hayashizaki
Impact:   low

Description

When loading a script with Subresource Integrity, attackers with an injection
capability could trigger the reuse of previously cached entries with incorrect,
different integrity metadata.

References

  o Bug 1762520

# CVE-2022-36316: Performance API leaked whether a cross-site resource is
redirecting

Reporter: Jannis Rautenstrauch
Impact:   low

Description

When using the Performance API, an attacker was able to notice subtle
differences between PerformanceEntries and thus learn whether the target URL
had been subject to a redirect.

References

  o Bug 1768583

# CVE-2022-36320: Memory safety bugs fixed in Firefox 103

Reporter: Mozilla developers and community
Impact:   high

Description

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs
present in Firefox 102. Some of these bugs showed evidence of memory corruption
and we presume that with enough effort some of these could have been exploited
to run arbitrary code.

References

  o Memory safety bugs fixed in Firefox 103

# CVE-2022-2505: Memory safety bugs fixed in Firefox 103 and 102.1

Reporter: Mozilla developers and community
Impact:   high

Description

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs
present in Firefox 102. Some of these bugs showed evidence of memory corruption
and we presume that with enough effort some of these could have been exploited
to run arbitrary code.

References

  o Memory safety bugs fixed in Firefox 103

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================