摘要:
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of the `ms-msdt`, `search`, and `search-ms` protocols delivering content to Microsoft applications and bypassing the browser when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Firefox), so in this release, Firefox has blocked these protocols from prompting the user to open them.
安全等级: Low
公告ID: KylinSec-SA-2022-1605
发布日期: 2022年7月12日
关联CVE: CVE-2022-34478
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of the `ms-msdt`, `search`, and `search-ms` protocols delivering content to Microsoft applications and bypassing the browser when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Firefox), so in this release, Firefox has blocked these protocols from prompting the user to open them.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-34478 | KY3.4-4A | firefox | Unaffected |
| CVE-2022-34478 | KY3.4-5 | firefox | Unaffected |
| CVE-2022-34478 | KY3.5.1 | firefox | Unaffected |
