VDB
CVE-2023-6704
CVE-2023-6704
PUBLISHED
Es bestehen mehrere Schwachstellen in verschiedenen Komponenten von Google Chrome und Microsoft Edge, wie z. B. V8, WebRTC, CSS u. a. aufgrund einer Typenverwechslung und eines "use after free" Fehlers. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen, sowie potenziell Code auszuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.19% · 40.2th percentile
Risk Scores
EPSS Score
0.19%
40.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Edge 120.0.2210.77 | |
| SUSE | SUSE Linux | |
| Debian | Debian Linux | |
| Microsoft | Microsoft Edge | |
| Fedora | Fedora Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- CIRCL seen: CVE-2023-6704 (circl-sighting)
- https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html (circl)
- https://crbug.com/1504792 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6NWZ23ZJ62XKWVNGHSIZQYILVJWH5BLI/ (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Dec 12, 2023 CVE Published
- Dec 15, 2023 EPSS Score
- Jan 10, 2024 PoC Published
- Jan 13, 2024 EPSS Score
- Feb 11, 2024 EPSS Score
- Feb 18, 2024 CVE Updated
- Mar 12, 2024 EPSS Score
- May 9, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3125.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3125 advisory
- http://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-1fe02ca797 advisory
- https://lists.debian.org/debian-security-announce/2023/msg00273.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-a79d31df77 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d9f7ca27f advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5418332424 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0bdf9bf395 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-14-2023 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b300e89045 advisory
- https://security.gentoo.org/glsa/202401-34 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017888.html advisory
- https://security.gentoo.org/glsa/202402-14 advisory