VDB
CVE-2023-5727
CVE-2023-5727
PUBLISHED
Es besteht eine Schwachstelle in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird unter Windows. Dieser Fehler besteht aufgrund einer Warnung vor einer fehlenden ausführbaren Datei beim Herunterladen von .msix-, .msixbundle-, .appx- und .appxbundle-Dateien. Indem das Opfer dazu gebracht wird, die Dateien auszuführen, kann ein Angreifer diese Schwachstelle ausnutzen, um die Sicherheitsmaßnahmen zu umgehen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.21% · 43.8th percentile
Risk Scores
EPSS Score
0.21%
43.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Mozilla Firefox ESR <115.4 | |
| Fedora | Fedora Linux | |
| Gentoo | Gentoo Linux | |
| IGEL | IGEL OS | |
| Amazon | Amazon Linux 2 | |
| SUSE | SUSE Linux | |
| Mozilla | Mozilla Thunderbird <115.4.1 | |
| Xerox | Xerox FreeFlow Print Server v2 / Windows 10 | |
| Mozilla | Mozilla Firefox <119 | |
| Debian | Debian Linux | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle Linux | |
| Ubuntu | Ubuntu Linux | |
| SUSE | SUSE openSUSE |
Exploit Intelligence
Timeline
- Oct 24, 2023 CVE Published
- Oct 25, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
- Dec 26, 2023 EPSS Score
- Jan 26, 2024 EPSS Score
- Feb 26, 2024 EPSS Score
- Mar 28, 2024 EPSS Score
- Apr 28, 2024 EPSS Score
- May 29, 2024 EPSS Score
- Jul 29, 2024 EPSS Score
- Aug 29, 2024 EPSS Score
- Sep 29, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2743.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2743 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-48/ advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-126cffa741 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-253212d414 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-107939d153 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016854.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016855.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016853.html advisory
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html advisory
- https://ubuntu.com/security/notices/USN-6456-1 advisory
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html advisory
- https://lists.debian.org/debian-security-announce/2023/msg00234.html advisory
- https://access.redhat.com/errata/RHSA-2023:6195 advisory
- https://linux.oracle.com/errata/ELSA-2023-6162.html advisory
- https://access.redhat.com/errata/RHSA-2023:6188 advisory
- https://access.redhat.com/errata/RHSA-2023:6191 advisory
…and 31 more