CVE-2022-46874

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1746139
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/
• https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/
• https://security.gentoo.org/glsa/202305-06
• https://security.gentoo.org/glsa/202305-13
• https://www.mozilla.org/security/advisories/mfsa2022-51/
• https://www.mozilla.org/security/advisories/mfsa2022-52/
• https://www.mozilla.org/security/advisories/mfsa2022-53/
• https://www.mozilla.org/security/advisories/mfsa2022-54/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2022-52
• MFSA2022-54
• MFSA2022-51

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2022-46880
• CVE-2022-46872
• CVE-2022-46881
• CVE-2022-46874
• CVE-2022-46875
• CVE-2022-46882
• CVE-2022-46878
• CVE-2022-46871
• CVE-2022-46873
• CVE-2022-46877
• CVE-2022-46879

Frequently Asked Questions

• What is CVE-2022-46874?

  CVE-2022-46874 is a vulnerability where a file with a long filename could have its filename truncated, potentially leading to user confusion and the execution of malicious code.

• Which products are affected by CVE-2022-46874?

  CVE-2022-46874 affects Mozilla Thunderbird, Firefox ESR, Firefox, and other related products.

• What is the severity of CVE-2022-46874?

  CVE-2022-46874 has a severity rating of 8.8 (high).

• How can CVE-2022-46874 be exploited?

  CVE-2022-46874 can be exploited by having a file with a long filename, which gets truncated and has a malicious extension added.

• Are there any official references for CVE-2022-46874?

  Yes, you can find official references for CVE-2022-46874 at the following links: [Bugzilla](https://bugzilla.mozilla.org/show_bug.cgi?id=1746139), [Mozilla Security Advisory - MFS](https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/), [Mozilla Security Advisory - MFS](https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/)