VDB
CVE-2023-6873
CVE-2023-6873
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Firefox ist ein Open Source Web Browser. Thunderbird ist ein Open Source E-Mail Client.
EPSS 0.38% · 60.1th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.38%
60.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server 9 | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Red Hat | Red Hat OpenShift Container Platform 4.9 | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| RESF | RESF Rocky Linux | |
| Mozilla | Mozilla Firefox <121 | |
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat OpenShift Container Platform 4.11 | |
| IBM | IBM QRadar SIEM 7.5 | |
| Red Hat | Red Hat OpenShift Container Platform 4.10 | |
| Mozilla | Mozilla Firefox <ESR 115.6 | |
| IGEL | IGEL OS | |
| Red Hat | Red Hat OpenShift Container Platform 4.12 | |
| Mozilla | Mozilla Thunderbird <115.6 | |
| SUSE | SUSE openSUSE | |
| Ubuntu | Ubuntu Linux | |
| Gentoo | Gentoo Linux | |
| Oracle | Oracle Linux |
…and 1 more
Exploit Intelligence
- CIRCL seen: CVE-2023-6873 (circl-sighting)
- Memory safety bugs fixed in Firefox 121 (circl)
- https://www.mozilla.org/security/advisories/mfsa2023-56/ (circl)
- https://www.debian.org/security/2023/dsa-5582 (circl)
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html (circl)
- https://security.gentoo.org/glsa/202401-10 (circl)
Timeline
- Jan 21, 1970 Distribution Patch
- Jan 21, 1970 Security Advisory
- Jan 21, 1970 Security Advisory
- Dec 19, 2023 CVE Published
- Dec 20, 2023 EPSS Score
- Jan 12, 2024 PoC Published
- Jan 18, 2024 EPSS Score
- Feb 16, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 13, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
- Jul 10, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3185.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3185 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/ advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-7dee358171 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-608dd04117 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017505.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017506.html advisory
- https://lists.debian.org/debian-security-announce/2023/msg00278.html advisory
- https://www.debian.org/security/2023/dsa-5581 advisory
- https://www.debian.org/security/2023/dsa-5582 advisory
- https://ubuntu.com/security/notices/USN-6562-1 advisory
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html advisory
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html advisory
- http://access.redhat.com/errata/RHSA-2024:0026 advisory
- http://access.redhat.com/errata/RHSA-2024:0025 advisory
- http://access.redhat.com/errata/RHSA-2024:0022 advisory
- http://access.redhat.com/errata/RHSA-2024:0019 advisory
- http://access.redhat.com/errata/RHSA-2024:0012 advisory
…and 46 more