VDB
CVE-2023-23597
CVE-2023-23597
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen zählen Fehler in der Speicherverwaltung sowie Programmierfehler. Ein Angreifer kann dadurch beliebigen Code ausführen, den Benutzer täuschen, Informationen offenlegen, und Sicherheitsvorkehrungen umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich. Einige dieser Schwachstellen betreffen nur die Linux oder Android Varianten der betroffenen Produkte.
EPSS 0.15% · 35.8th percentile
Risk Scores
EPSS Score
0.15%
35.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IGEL | IGEL OS < 11.08.290 | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Gentoo | Gentoo Linux | |
| Amazon | Amazon Linux 2 | |
| Open Source | Open Source CentOS | |
| SUSE | SUSE Linux | |
| Oracle | Oracle Linux |
Timeline
- Jan 17, 2023 CVE Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Sep 27, 2023 CVE Updated
- Oct 24, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 4, 2024 EPSS Score
- Feb 9, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0107.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0107 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-013.html advisory
- https://security.gentoo.org/glsa/202305-13 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf advisory
- https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/ advisory
- https://lists.debian.org/debian-security-announce/2023/msg00011.html advisory
- https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013488.html advisory
- https://ubuntu.com/security/notices/USN-5816-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013492.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023012305 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013482.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/ advisory
- https://access.redhat.com/errata/RHSA-2023:0296 advisory
- https://access.redhat.com/errata/RHSA-2023:0295 advisory
- https://access.redhat.com/errata/RHSA-2023:0288 advisory
- https://access.redhat.com/errata/RHSA-2023:0286 advisory
…and 25 more