PT-2023-3058 · Mozilla+10 · Firefox Esr+12

Andrew Mccreight

+3

·

Publicado

2023-06-06

·

Atualizado

2024-12-12

·

CVE-2023-34416

CVSS v2.0

10

Crítica

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 114 Firefox ESR versions prior to 102.12 Thunderbird versions prior to 102.12
Description The issue is related to memory safety bugs that could potentially be exploited to run arbitrary code, with evidence of memory corruption found in some cases. This could allow a remote attacker to execute arbitrary code.
Recommendations For Firefox versions prior to 114, update to version 114 or later. For Firefox ESR versions prior to 102.12, update to version 102.12 or later. For Thunderbird versions prior to 102.12, update to version 102.12 or later.

Exploit

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

ALSA-2023:3587
ALSA-2023:3588
ALSA-2023:3589
ALSA-2023:3590
ALT-PU-2023-1956
ALT-PU-2023-1974
ALT-PU-2023-1993
ALT-PU-2023-2036
ALT-PU-2023-4367
ALT-PU-2023-5239
ALT-PU-2023-5754
ALT-PU-2024-14035
ALT-PU-2024-3860
ALT-PU-2024-4241
ALT-PU-2024-4748
BDU:2023-03125
CESA-2023_3588
CESA-2023_3590
CVE-2023-34416
DLA-3448-1
DLA-3452-1
DSA-5421-1
DSA-5423-1
MGASA-2023-0199
MGASA-2023-0200
OPENSUSE-SU-2023_2612-1
OPENSUSE-SU-2024:12990-1
OPENSUSE-SU-2024:12991-1
OPENSUSE-SU-2024:14572-1
RHSA-2023:3560
RHSA-2023:3561
RHSA-2023:3562
RHSA-2023:3563
RHSA-2023:3564
RHSA-2023:3565
RHSA-2023:3566
RHSA-2023:3567
RHSA-2023:3578
RHSA-2023:3579
RHSA-2023:3587
RHSA-2023:3588
RHSA-2023:3589
RHSA-2023:3590
RHSA-2023:3596
RHSA-2023:3597
RHSA-2023_3563
RHSA-2023_3579
RHSA-2023_3587
RHSA-2023_3588
RHSA-2023_3589
RHSA-2023_3590
RLSA-2023:3587
RLSA-2023:3588
RLSA-2023:3590
SUSE-SU-2023:2440-1
SUSE-SU-2023:2441-1
SUSE-SU-2023:2489-1
SUSE-SU-2023:2612-1
USN-6143-1
USN-6143-2
USN-6143-3
USN-6147-1
USN-6214-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu