VDB
CVE-2023-25748
CVE-2023-25748
PUBLISHED
In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Diese sind auf ungepatchte Schwachstellen, Out-of-Bounds Fehler, Speicherfehler, Cross-Origin-iFrames und andere Fehler zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.19% · 41.2th percentile
Risk Scores
EPSS Score
0.19%
41.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Oracle | Oracle Linux | |
| Amazon | Amazon Linux 2 | |
| Gentoo | Gentoo Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| SUSE | SUSE Linux | |
| Open Source | Open Source CentOS | |
| Ubuntu | Ubuntu Linux |
Timeline
- Mar 14, 2023 CVE Published
- Jun 2, 2023 PoC Published
- Jun 3, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Aug 14, 2023 EPSS Score
- Sep 19, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
- Jan 4, 2024 EPSS Score
- Feb 9, 2024 EPSS Score
- Mar 16, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0643.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0643 advisory
- https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-004.html advisory
- https://security.gentoo.org/glsa/202305-35 advisory
- https://access.redhat.com/errata/RHSA-2023:1479 advisory
- https://ubuntu.com/security/notices/USN-5954-2 advisory
- https://access.redhat.com/errata/RHSA-2023:1445 advisory
- https://access.redhat.com/errata/RHSA-2023:1444 advisory
- https://lists.centos.org/pipermail/centos-announce/2023-March/086391.html advisory
- https://access.redhat.com/errata/RHSA-2023:1364 advisory
- https://access.redhat.com/errata/RHSA-2023:1367 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014107.html advisory
- https://access.redhat.com/errata/RHSA-2023:1333 advisory
- http://linux.oracle.com/errata/ELSA-2023-1333.html advisory
- http://linux.oracle.com/errata/ELSA-2023-1337.html advisory
- http://linux.oracle.com/errata/ELSA-2023-1336.html advisory
- https://access.redhat.com/errata/RHSA-2023:1337 advisory
- https://access.redhat.com/errata/RHSA-2023:1336 advisory
- https://lists.debian.org/debian-lts-announce/2023/03/msg00015.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014065.html advisory
…and 4 more