PT-2023-1313 · Mozilla+9 · Firefox Esr+11

Mozilla Developers

·

Publicado

2023-01-17

·

Atualizado

2025-01-10

·

CVE-2023-23605

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 109 Firefox ESR versions prior to 102.7 Thunderbird versions prior to 102.7
Description The issue is related to memory safety bugs, which can lead to memory corruption. With sufficient effort, these bugs could potentially be exploited to run arbitrary code. This can be achieved by a remote attacker using a specially crafted website.
Recommendations For Firefox versions prior to 109, update to version 109 or later to resolve the issue. For Firefox ESR versions prior to 102.7, update to version 102.7 or later to resolve the issue. For Thunderbird versions prior to 102.7, update to version 102.7 or later to resolve the issue.

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-120

Identificadores relacionados

ALSA-2023:0285
ALSA-2023:0288
ALSA-2023:0463
ALSA-2023:0476
ALT-PU-2023-1084
ALT-PU-2023-1119
ALT-PU-2023-1140
ALT-PU-2023-1193
ALT-PU-2023-1243
ALT-PU-2023-1315
ALT-PU-2023-1478
ALT-PU-2023-1758
ALT-PU-2023-4335
ALT-PU-2023-4365
ALT-PU-2023-5754
ALT-PU-2024-3614
BDU:2023-00598
CESA-2023_0288
CESA-2023_0296
CESA-2023_0456
CESA-2023_0463
CVE-2023-23605
DLA-3275-1
DLA-3324-1
DSA-5322-1
DSA-5355-1
MGASA-2023-0018
MGASA-2023-0034
OPENSUSE-SU-2023_0113-1
OPENSUSE-SU-2023_0329-1
OPENSUSE-SU-2024:12623-1
OPENSUSE-SU-2024:12627-1
OPENSUSE-SU-2024:12652-1
OPENSUSE-SU-2024:14572-1
RHSA-2023:0285
RHSA-2023:0286
RHSA-2023:0288
RHSA-2023:0289
RHSA-2023:0290
RHSA-2023:0294
RHSA-2023:0295
RHSA-2023:0296
RHSA-2023:0456
RHSA-2023:0457
RHSA-2023:0459
RHSA-2023:0460
RHSA-2023:0461
RHSA-2023:0462
RHSA-2023:0463
RHSA-2023:0476
RHSA-2023_0285
RHSA-2023_0288
RHSA-2023_0296
RHSA-2023_0456
RHSA-2023_0463
RHSA-2023_0476
RLSA-2023:0285
RLSA-2023:0288
RLSA-2023:0463
RLSA-2023:0476
SUSE-SU-2023:0111-1
SUSE-SU-2023:0112-1
SUSE-SU-2023:0113-1
SUSE-SU-2023:0329-1
USN-5816-1
USN-5816-2
USN-5824-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu