PT-2023-2856 · Mozilla+10 · Firefox+12

Andrew Mccreight

+4

·

Published

2023-05-09

·

Updated

2024-12-12

·

CVE-2023-32215

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 113 Firefox ESR versions prior to 102.11 Thunderbird versions prior to 102.11
Description The issue is caused by memory safety bugs, including buffer overflow, which can lead to memory corruption. It is presumed that with enough effort, some of these bugs could be exploited to run arbitrary code. An attacker could exploit this issue by tricking a user into opening a specially crafted website, potentially leading to the execution of arbitrary code in the target system.
Recommendations For Firefox versions prior to 113, update to version 113 or later. For Firefox ESR versions prior to 102.11, update to version 102.11 or later. For Thunderbird versions prior to 102.11, update to version 102.11 or later.

Exploit

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALSA-2023:3143
ALSA-2023:3150
ALSA-2023:3220
ALSA-2023:3221
ALT-PU-2023-1773
ALT-PU-2023-1811
ALT-PU-2023-1822
ALT-PU-2023-1872
ALT-PU-2023-1895
ALT-PU-2023-1900
ALT-PU-2023-1901
ALT-PU-2023-1984
ALT-PU-2023-1985
ALT-PU-2023-4365
ALT-PU-2023-4366
ALT-PU-2023-5754
ALT-PU-2024-14035
ALT-PU-2024-4241
BDU:2023-02803
CESA-2023_3220
CESA-2023_3221
CVE-2023-32215
DLA-3417-1
DLA-3421-1
DSA-5400-1
DSA-5403-1
MGASA-2023-0171
MGASA-2023-0172
OESA-2023-1673
OESA-2023-1674
OPENSUSE-SU-2024:12918-1
OPENSUSE-SU-2024:12920-1
OPENSUSE-SU-2024:12921-1
OPENSUSE-SU-2024:14572-1
RHSA-2023:3137
RHSA-2023:3138
RHSA-2023:3139
RHSA-2023:3140
RHSA-2023:3141
RHSA-2023:3142
RHSA-2023:3143
RHSA-2023:3149
RHSA-2023:3150
RHSA-2023:3151
RHSA-2023:3152
RHSA-2023:3153
RHSA-2023:3154
RHSA-2023:3155
RHSA-2023:3220
RHSA-2023:3221
RHSA-2023_3137
RHSA-2023_3143
RHSA-2023_3150
RHSA-2023_3151
RHSA-2023_3220
RHSA-2023_3221
RLSA-2023:3220
RLSA-2023:3221
SUSE-SU-2023:2173-1
SUSE-SU-2023:2175-1
SUSE-SU-2023:2176-1
SUSE-SU-2023:2211-1
USN-6074-1
USN-6074-2
USN-6074-3
USN-6075-1
USN-6120-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu