PT-2023-6536 · Mozilla+9 · Firefox+11
Anbu
·
Published
2023-10-24
·
Updated
2025-03-14
·
CVE-2023-5728
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 119
Firefox ESR versions prior to 115.4
Thunderbird versions prior to 115.4.1
Description
The issue is related to the Garbage Collector component in Firefox, Firefox ESR, and Thunderbird, which involves errors in memory deallocation when performing operations on objects. This could lead to a potentially exploitable crash. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service.
Recommendations
For Firefox versions prior to 119, update to version 119 or later.
For Firefox ESR versions prior to 115.4, update to version 115.4 or later.
For Thunderbird versions prior to 115.4.1, update to version 115.4.1 or later.
Exploit
Fix
Use After Free
Buffer Overflow
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Suse
Thunderbird
Ubuntu