CNVD-2023-55353 — Vulnetix

CNVD-2023-55353 PUBLISHED

Mozilla Firefox ESR是美国Mozilla基金会的Firefox(Web浏览器)的一个延长支持版本。 Mozilla Firefox ESR 102.10之前版本存在拒绝服务漏洞，该漏洞源于经过垃圾收集器压缩之后，weak maps可能在被正确跟踪之前就已经被访问过，攻击者可利用该漏洞导致内存损坏和潜在的可利用崩溃。

Affected Products

Vendor	Product	Versions
Mozilla	Thunderbird	*
Mozilla	Focus for Android	unspecified
Mozilla	Firefox for Android	unspecified
Mozilla	Firefox	unspecified
Mozilla	Firefox ESR	*

Timeline

Apr 12, 2023 CVE Published
Jun 2, 2023 PoC Published

References

https://www.mozilla.org/security/advisories/mfsa2023-15/ url
https://www.mozilla.org/security/advisories/mfsa2023-14/ url
https://www.mozilla.org/security/advisories/mfsa2023-13/ url
https://bugzilla.mozilla.org/show_bug.cgi?id=1820543 url

Open in Interactive Console →