PT-2023-1697 · Mozilla+10 · Firefox Esr+11

Gabriele Svelto

+1

·

Published

2022-07-27

·

Updated

2025-01-09

·

CVE-2023-25746

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox ESR versions 102.7 and earlier Thunderbird versions prior to 102.8
Description The issue is related to memory safety bugs, which can lead to memory corruption. With sufficient effort, these bugs could potentially be exploited to execute arbitrary code remotely. This affects both Firefox ESR and Thunderbird.
Recommendations For Firefox ESR version 102.7 and earlier, update to version 102.8 or later. For Thunderbird versions prior to 102.8, update to version 102.8 or later.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-120

Related Identifiers

ALSA-2023:0808
ALSA-2023:0810
ALSA-2023:0821
ALSA-2023:0824
ALT-PU-2022-2306
ALT-PU-2022-2930
ALT-PU-2023-1139
ALT-PU-2023-1374
ALT-PU-2023-1386
ALT-PU-2023-1411
ALT-PU-2023-1435
ALT-PU-2023-1758
ALT-PU-2023-1765
ALT-PU-2023-4339
ALT-PU-2023-4365
ALT-PU-2023-4366
BDU:2023-01268
CESA-2023_0808
CESA-2023_0812
CESA-2023_0817
CESA-2023_0821
CVE-2023-25746
DLA-3319-1
DLA-3324-1
DSA-5350-1
DSA-5355-1
MGASA-2023-0056
MGASA-2023-0057
OPENSUSE-SU-2023_0461-1
OPENSUSE-SU-2024:12702-1
OPENSUSE-SU-2024:12713-1
RHSA-2023:0805
RHSA-2023:0806
RHSA-2023:0807
RHSA-2023:0808
RHSA-2023:0809
RHSA-2023:0810
RHSA-2023:0811
RHSA-2023:0812
RHSA-2023:0817
RHSA-2023:0818
RHSA-2023:0819
RHSA-2023:0820
RHSA-2023:0821
RHSA-2023:0822
RHSA-2023:0823
RHSA-2023:0824
RHSA-2023_0808
RHSA-2023_0810
RHSA-2023_0812
RHSA-2023_0817
RHSA-2023_0821
RHSA-2023_0824
RLSA-2023:0808
RLSA-2023:0810
RLSA-2023:0821
RLSA-2023:0824
SUSE-SU-2023:0461-1
SUSE-SU-2023:0466-1
SUSE-SU-2023:0469-1
SUSE-SU-2023:0599-1
USN-5943-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu