VDB
CVE-2023-23604
CVE-2023-23604
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen zählen Fehler in der Speicherverwaltung sowie Programmierfehler. Ein Angreifer kann dadurch beliebigen Code ausführen, den Benutzer täuschen, Informationen offenlegen, und Sicherheitsvorkehrungen umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich. Einige dieser Schwachstellen betreffen nur die Linux oder Android Varianten der betroffenen Produkte.
EPSS 0.06% · 19.7th percentile
Risk Scores
EPSS Score
0.06%
19.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v2 | |
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| Open Source | Open Source CentOS | |
| Debian | Debian Linux | |
| IGEL | IGEL OS < 11.08.290 | |
| Amazon | Amazon Linux 2 |
Timeline
- Jan 17, 2023 CVE Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Sep 27, 2023 CVE Updated
- Oct 24, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 4, 2024 EPSS Score
- Feb 9, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0107.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0107 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-013.html advisory
- https://security.gentoo.org/glsa/202305-13 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf advisory
- https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/ advisory
- https://lists.debian.org/debian-security-announce/2023/msg00011.html advisory
- https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013488.html advisory
- https://ubuntu.com/security/notices/USN-5816-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013492.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023012305 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013482.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/ advisory
- https://access.redhat.com/errata/RHSA-2023:0296 advisory
- https://access.redhat.com/errata/RHSA-2023:0295 advisory
- https://access.redhat.com/errata/RHSA-2023:0288 advisory
- https://access.redhat.com/errata/RHSA-2023:0286 advisory
…and 25 more