Mozilla releases security updates for Firefox (108.0), Firefox ESR (102.6.0) and Thunderbird (102.6.0)

Mozilla releases security updates for Firefox (108.0), Firefox ESR (102.6.0) and Thunderbird (102.6.0)


Hello everyone,

Mozilla has fixed several high severity security vulnerabilities in Firefox (108.0)Firefox ESR (102.6.0) and Thunderbird (102.6.0). The details of the vulnerabilities fixed are as follows:


Platform
CVE ID
Vulnerability 
Impact
Firefox 108
CVE-2022-46871
libusrsctp library out of date  
High
Firefox 108, Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46872
Arbitrary file read from a compromised content process  
High
Firefox 108
CVE-2022-46873
Firefox did not implement the CSP directive unsafe-hashes  
Moderate
Firefox 108, Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46874
Drag and Dropped Filenames could have been truncated to malicious extensions
Moderate
Firefox 108, Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46875
Download Protections were bypassed by .atloc and .ftploc files on Mac OS  
Moderate
Firefox 108
CVE-2022-46877
Fullscreen notification bypass  
Low
Firefox 108, Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46878
Memory safety bugs fixed in Firefox 108, Firefox ESR 102.6 and Thunderbird 102.6
High
Firefox 108
CVE-2022-46879
Memory safety bugs fixed in Firefox 108  
High
Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46880
Use-after-free in WebGL  
High
Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46881
Memory corruption in WebGL  
High
Firefox ESR 102.6 and Thunderbird 102.6
CVE-2022-46882
Use-after-free in WebGL  
Moderate

To install this update on your machines, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.


Patch ID
Bulletin ID
Patch description
328100
TU-028
Mozilla Thunderbird
(102) (102.6.0)
328101
TU-028
Mozilla Thunderbird
(102) (x64) (102.6.0)
328095
TU-027
Mozilla Firefox
(108.0)
328096
TU-027
Mozilla Firefox
(x64) (108.0)
328099
TU-054
Mozilla Firefox ESR
(102) (102.6.0)
328102
TU-054
Mozilla Firefox ESR
(102) (x64) (102.6.0)

Cheers,

The ManageEngine Team


              New to ADManager Plus?

                New to ADSelfService Plus?