Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-3482: Security Vulnerabilities fixed in Firefox 115

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank’. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115.

CVE
#vulnerability#web#firefox

Mozilla Foundation Security Advisory 2023-22

Announced

July 4, 2023

Impact

high

Products

Firefox

Fixed in

  • Firefox 115

#CVE-2023-3482: Block all cookies bypass for localstorage

Reporter

Martin Hostettler

Impact

moderate

Description

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank’. This could have led to malicious websites storing tracking data without permission.

References

  • Bug 1839464

#CVE-2023-37201: Use-after-free in WebRTC certificate generation

Reporter

Irvan Kurniawan

Impact

high

Description

An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS.

References

  • Bug 1826002

#CVE-2023-37202: Potential use-after-free from compartment mismatch in SpiderMonkey

Reporter

zx

Impact

high

Description

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free.

References

  • Bug 1834711

#CVE-2023-37203: Drag and Drop API may provide access to local system files

Reporter

Paul Nickerson

Impact

moderate

Description

Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code.

References

  • Bug 291640

#CVE-2023-37204: Fullscreen notification obscured via option element

Reporter

Irvan Kurniawan

Impact

moderate

Description

A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks.

References

  • Bug 1832195

#CVE-2023-37205: URL spoofing in address bar using RTL characters

Reporter

Rohan Sharma

Impact

moderate

Description

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing.

References

  • Bug 1704420

#CVE-2023-37206: Insufficient validation of symlinks in the FileSystem API

Reporter

Ameen Basha M K

Impact

moderate

Description

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website.

References

  • Bug 1813299

#CVE-2023-37207: Fullscreen notification obscured

Reporter

Shaheen Fazim

Impact

moderate

Description

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks.

References

  • Bug 1816287

#CVE-2023-37208: Lack of warning when opening Diagcab files

Reporter

Puf

Impact

moderate

Description

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code.

References

  • Bug 1837675

#CVE-2023-37209: Use-after-free in `NotifyOnHistoryReload`

Reporter

Simon Descarpentries

Impact

moderate

Description

A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused.

References

  • Bug 1837993

#CVE-2023-37210: Full-screen mode exit prevention

Reporter

Hafiizh

Impact

low

Description

A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks.

References

  • Bug 1821886

#CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13

Reporter

Andrew McCreight, Matthew Gaudet, Tom Ritter, and the Mozilla Fuzzing Team,

Impact

high

Description

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

  • Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13

#CVE-2023-37212: Memory safety bugs fixed in Firefox 115

Reporter

Andrew McCreight, and the Mozilla Fuzzing Team

Impact

high

Description

Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

References

  • Memory safety bugs fixed in Firefox 115

Related news

Gentoo Linux Security Advisory 202401-10

Gentoo Linux Security Advisory 202401-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution. Versions greater than or equal to 115.6.0:esr are affected.

Apple iOS, Google Android Patch Zero-Days in July Security Updates

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Ubuntu Security Notice USN-6227-1

Ubuntu Security Notice 6227-1 - Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution.

Red Hat Security Advisory 2023-4062-01

Red Hat Security Advisory 2023-4062-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-4064-01

Red Hat Security Advisory 2023-4064-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-4075-01

Red Hat Security Advisory 2023-4075-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Issues addressed include a use-after-free vulnerability.

RHSA-2023:4079: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...

RHSA-2023:4076: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...

RHSA-2023:4074: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTP...

RHSA-2023:4075: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...

RHSA-2023:4066: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...

RHSA-2023:4072: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...

RHSA-2023:4073: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have cau...

RHSA-2023:4069: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have cau...

RHSA-2023:4067: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...

RHSA-2023:4070: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: ...

RHSA-2023:4065: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy ...

RHSA-2023:4064: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other...

Debian Security Advisory 5451-1

Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

Ubuntu Security Notice USN-6214-1

Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.

Debian Security Advisory 5450-1

Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

Ubuntu Security Notice USN-6201-1

Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.

CVE-2023-37209: Invalid Bug ID

A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.

CVE-2023-37206: Invalid Bug ID

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

CVE-2023-37211: Bug List

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE-2023-37208: Security Vulnerabilities fixed in Firefox ESR 102.13

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE-2023-37208: Security Vulnerabilities fixed in Firefox ESR 102.13

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE-2023-37208: Security Vulnerabilities fixed in Firefox ESR 102.13

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE-2023-37208: Security Vulnerabilities fixed in Firefox ESR 102.13

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE-2023-37208: Security Vulnerabilities fixed in Firefox ESR 102.13

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907