VDB
CVE-2023-23606
CVE-2023-23606
PUBLISHED
In Mozilla Firefox, Mozilla Firefox ESR und Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen zählen Fehler in der Speicherverwaltung sowie Programmierfehler. Ein Angreifer kann dadurch beliebigen Code ausführen, den Benutzer täuschen, Informationen offenlegen, und Sicherheitsvorkehrungen umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich. Einige dieser Schwachstellen betreffen nur die Linux oder Android Varianten der betroffenen Produkte.
EPSS 0.29% · 52.7th percentile
Risk Scores
EPSS Score
0.29%
52.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v2 | |
| Oracle | Oracle Linux | |
| Open Source | Open Source CentOS | |
| Red Hat | Red Hat Enterprise Linux | |
| Gentoo | Gentoo Linux | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| SUSE | SUSE Linux | |
| Amazon | Amazon Linux 2 | |
| IGEL | IGEL OS < 11.08.290 |
Exploit Intelligence
Timeline
- Jan 17, 2023 CVE Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Sep 27, 2023 CVE Updated
- Oct 25, 2023 EPSS Score
- Nov 30, 2023 EPSS Score
- Jan 5, 2024 EPSS Score
- Feb 10, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0107.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0107 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-013.html advisory
- https://security.gentoo.org/glsa/202305-13 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf advisory
- https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/ advisory
- https://lists.debian.org/debian-security-announce/2023/msg00011.html advisory
- https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013488.html advisory
- https://ubuntu.com/security/notices/USN-5816-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013492.html advisory
- https://www.cybersecurity-help.cz/vdb/SB2023012305 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013482.html advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/ advisory
- https://access.redhat.com/errata/RHSA-2023:0296 advisory
- https://access.redhat.com/errata/RHSA-2023:0295 advisory
- https://access.redhat.com/errata/RHSA-2023:0288 advisory
- https://access.redhat.com/errata/RHSA-2023:0286 advisory
…and 25 more