CVE-2022-3266

Summary

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 102.3affected
MozillaThunderbirdunspecified < 102.3affected
MozillaFirefoxunspecified < 105affected

Weaknesses

  • Out of bounds read when decoding H264

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References