PT-2023-2857 · Mozilla+10 · Firefox+12

Alesandro Ortiz

Publicado

2023-05-09

Atualizado

2024-12-12

CVE-2023-32205

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 113 Firefox ESR versions prior to 102.11 Thunderbird versions prior to 102.11

Description The issue is related to errors in the user interface, where browser prompts could be obscured by popups controlled by content, potentially leading to user confusion and spoofing attacks. This could allow a remote attacker to perform spoofing attacks.

Recommendations For Firefox versions prior to 113, update to version 113 or later to resolve the issue. For Firefox ESR versions prior to 102.11, update to version 102.11 or later to resolve the issue. For Thunderbird versions prior to 102.11, update to version 102.11 or later to resolve the issue.

Exploit

Correção

UI Misrepresentation of Critical Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-451

Identificadores relacionados

ALSA-2023:3143

ALSA-2023:3150

ALSA-2023:3220

ALSA-2023:3221

ALT-PU-2023-1773

ALT-PU-2023-1811

ALT-PU-2023-1822

ALT-PU-2023-1872

ALT-PU-2023-1895

ALT-PU-2023-1900

ALT-PU-2023-1901

ALT-PU-2023-1984

ALT-PU-2023-1985

ALT-PU-2023-4365

ALT-PU-2023-4366

ALT-PU-2023-5754

ALT-PU-2024-14035

ALT-PU-2024-4241

BDU:2023-02804

CESA-2023_3220

CESA-2023_3221

CVE-2023-32205

DLA-3417-1

DLA-3421-1

DSA-5400-1

DSA-5403-1

MGASA-2023-0171

MGASA-2023-0172

OESA-2023-1673

OESA-2023-1674

OPENSUSE-SU-2024:12918-1

OPENSUSE-SU-2024:12920-1

OPENSUSE-SU-2024:12921-1

OPENSUSE-SU-2024:14572-1

RHSA-2023:3137

RHSA-2023:3138

RHSA-2023:3139

RHSA-2023:3140

RHSA-2023:3141

RHSA-2023:3142

RHSA-2023:3143

RHSA-2023:3149

RHSA-2023:3150

RHSA-2023:3151

RHSA-2023:3152

RHSA-2023:3153

RHSA-2023:3154

RHSA-2023:3155

RHSA-2023:3220

RHSA-2023:3221

RHSA-2023_3137

RHSA-2023_3143

RHSA-2023_3150

RHSA-2023_3151

RHSA-2023_3220

RHSA-2023_3221

RLSA-2023:3220

RLSA-2023:3221

SUSE-SU-2023:2173-1

SUSE-SU-2023:2175-1

SUSE-SU-2023:2176-1

SUSE-SU-2023:2211-1

SUSE-SU-2023_2173-1

SUSE-SU-2023_2175-1

SUSE-SU-2023_2176-1

USN-6074-1

USN-6074-2

USN-6074-3

USN-6075-1

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Firefox

Firefox Esr

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2023-2857 · Mozilla+10 · Firefox+12

CVE-2023-32205

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2275