CVE-2023-3600
PUBLISHED
A vulnerability exists in Mozilla Firefox and Mozilla Firefox ESR. It stems from a potential use-after-free error that can be exploited to deliberately crash the browser. A remote, anonymous attacker can exploit this vulnerability to cause a denial-of-service condition. Successful exploitation requires user interaction.
Risk Scores
- EPSS Score: 0.19% (40.7th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Mozilla | Mozilla Thunderbird | < 102.13.1 |
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Ubuntu | Ubuntu Linux | |
| Xerox | Xerox FreeFlow Print Server v7 for Solaris | |
| Fedora | Fedora Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Amazon | Amazon Linux 2 | |
| Oracle | Oracle Linux | |
Exploit Intelligence
- CIRCL seen: CVE-2023-3600 (circl-sighting)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839703 (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-26/ (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-27/ (circl)
Timeline
- Jul 11, 2023 CVE Published
- Jul 12, 2023 PoC Published
- Jul 13, 2023 EPSS Score
- Aug 17, 2023 EPSS Score
- Sep 20, 2023 EPSS Score
- Oct 12, 2023 CVE Updated
- Oct 25, 2023 EPSS Score
- Nov 28, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 5, 2024 EPSS Score
- Mar 11, 2024 EPSS Score
- May 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1716.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1716 advisory
- https://linux.oracle.com/errata/ELSA-2023-5477.html advisory
- http://linux.oracle.com/errata/ELSA-2023-5433.html advisory
- https://access.redhat.com/errata/RHSA-2023:5477 advisory
- https://linux.oracle.com/errata/ELSA-2023-5434.html advisory
- https://access.redhat.com/errata/RHSA-2023:5434 advisory
- https://access.redhat.com/errata/RHSA-2023:5433 advisory
- https://access.redhat.com/errata/RHSA-2023:5436 advisory
- https://access.redhat.com/errata/RHSA-2023:5440 advisory
- https://access.redhat.com/errata/RHSA-2023:5427 advisory
- https://access.redhat.com/errata/RHSA-2023:5426 advisory
- https://access.redhat.com/errata/RHSA-2023:5437 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-July/015619.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-July/015620.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-July/015618.html advisory
- https://ubuntu.com/security/notices/USN-6218-1 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-26/ advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1866.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1866 advisory
…and 35 more