VDB
CNVD-2023-75344
CNVD-2023-75344
PUBLISHED
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在代码问题漏洞,该漏洞源于当通过IPC接收渲染数据时,mStream初始化时可能会被破坏,攻击者可利用该漏洞导致释放后使用,从而导致潜在的可利用崩溃。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | thunderbird | 0, 0 |
| Mozilla | Thunderbird | unspecified, unspecified |
| Mozilla | Firefox | unspecified |
| Mozilla | Firefox ESR | unspecified, unspecified |
| mozilla | firefox_esr | 0, 0 |
| mozilla | firefox | 0 |
Exploit Intelligence
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846687 (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-34/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-35/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-36/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-37/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-38/ (circl)
- CIRCL seen: CVE-2023-4573 (circl-sighting)
Timeline
- Sep 1, 2023 CVE Published
- Sep 11, 2023 PoC Published
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846687 url
- https://www.mozilla.org/security/advisories/mfsa2023-34/ url
- https://www.mozilla.org/security/advisories/mfsa2023-35/ url
- https://www.mozilla.org/security/advisories/mfsa2023-36/ url
- https://www.mozilla.org/security/advisories/mfsa2023-37/ url
- https://www.mozilla.org/security/advisories/mfsa2023-38/ url