VDB
CVE-2023-25745
CVE-2023-25745
PUBLISHED
In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen zählen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausführen, Sicherheitsmechanismen umgehen, den Nutzer täuschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.27% · 50.5th percentile
Risk Scores
EPSS Score
0.27%
50.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v2 | |
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle VM 3 | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux Multicluster Engine | |
| Gentoo | Gentoo Linux | |
| Oracle | Oracle Linux | |
| Amazon | Amazon Linux 2 | |
| IGEL | IGEL OS < 11.08.290 | |
| IBM | IBM QRadar SIEM 7.5 | |
| Open Source | Open Source CentOS | |
| Red Hat | Red Hat Virtualization 4 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| Debian | Debian Linux |
Exploit Intelligence
Timeline
- Feb 14, 2023 CVE Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Oct 25, 2023 EPSS Score
- Nov 30, 2023 EPSS Score
- Jan 5, 2024 EPSS Score
- Feb 10, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jul 2, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0385.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0385 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-007.html advisory
- https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001079.html advisory
- https://www.ibm.com/support/pages/node/7010099 advisory
- https://security.gentoo.org/glsa/202305-35 advisory
- https://alas.aws.amazon.com/ALAS-2023-1736.html advisory
- https://access.redhat.com/errata/RHSA-2023:2098 advisory
- https://access.redhat.com/errata/RHSA-2023:1677 advisory
- http://linux.oracle.com/errata/ELSA-2023-12238.html advisory
- https://access.redhat.com/errata/RHSA-2023:1479 advisory
- https://security.netapp.com/advisory/ntap-20230324-0008/ advisory
- https://access.redhat.com/errata/RHSA-2023:1436 advisory
- https://lists.centos.org/pipermail/centos-announce/2023-March/086393.html advisory
- https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf advisory
- https://access.redhat.com/errata/RHSA-2023:1406 advisory
- https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html advisory
- https://access.redhat.com/errata/RHSA-2023:1370 advisory
- https://access.redhat.com/errata/RHSA-2023:1368 advisory
…and 37 more