Vulnerabilities > CVE-2022-1802 - Unspecified vulnerability in Mozilla Thunderbird

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
mozilla
NVD
Published: 2022-12-22
Updated: 2022-12-29

Summary

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.

Vulnerable Configurations

Part Description Count
Application
Mozilla
1411
OS
Google
1

References