VDB
CVE-2023-6705
CVE-2023-6705
PUBLISHED
Es bestehen mehrere Schwachstellen in verschiedenen Komponenten von Google Chrome und Microsoft Edge, wie z. B. V8, WebRTC, CSS u. a. aufgrund einer Typenverwechslung und eines "use after free" Fehlers. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen, sowie potenziell Code auszuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.36% · 58.3th percentile
Risk Scores
EPSS Score
0.36%
58.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Edge | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux | |
| SUSE | SUSE Linux | |
| Microsoft | Microsoft Edge 120.0.2210.77 |
Exploit Intelligence
- CIRCL seen: CVE-2023-6705 (circl-sighting)
- https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html (circl)
- https://crbug.com/1505708 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6NWZ23ZJ62XKWVNGHSIZQYILVJWH5BLI/ (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Dec 12, 2023 CVE Published
- Dec 15, 2023 EPSS Score
- Jan 10, 2024 PoC Published
- Jan 13, 2024 EPSS Score
- Feb 11, 2024 EPSS Score
- Feb 18, 2024 CVE Updated
- Apr 10, 2024 EPSS Score
- May 9, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3125.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3125 advisory
- http://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-1fe02ca797 advisory
- https://lists.debian.org/debian-security-announce/2023/msg00273.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-a79d31df77 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d9f7ca27f advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5418332424 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0bdf9bf395 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-14-2023 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b300e89045 advisory
- https://security.gentoo.org/glsa/202401-34 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017888.html advisory
- https://security.gentoo.org/glsa/202402-14 advisory