CVE-2022-34483

Summary

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 102affected

Weaknesses

  • Drag and drop of malicious image could have led to malicious executable and potential code execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References