Headline
RHSA-2023:4071: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS.
- CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free.
- CVE-2023-37207: The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks.
- CVE-2023-37208: The Mozilla Foundation Security Advisory describes this flaw as: When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code.
- CVE-2023-37211: The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for firefox is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.13.0 ESR.
Security Fix(es):
- Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201)
- Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202)
- Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211)
- Mozilla: Fullscreen notification obscured (CVE-2023-37207)
- Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Firefox must be restarted for the changes to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
- Red Hat Enterprise Linux Server - AUS 9.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x
Fixes
- BZ - 2219747 - CVE-2023-37201 Mozilla: Use-after-free in WebRTC certificate generation
- BZ - 2219748 - CVE-2023-37202 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey
- BZ - 2219749 - CVE-2023-37207 Mozilla: Fullscreen notification obscured
- BZ - 2219750 - CVE-2023-37208 Mozilla: Lack of warning when opening Diagcab files
- BZ - 2219751 - CVE-2023-37211 Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13
CVEs
- CVE-2023-37201
- CVE-2023-37202
- CVE-2023-37207
- CVE-2023-37208
- CVE-2023-37211
Red Hat Enterprise Linux for x86_64 9
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
x86_64
firefox-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 83dcb0df402dca4877e8fe6a8cd7250a18b7adf69d635d5399e746cc92440a4d
firefox-debuginfo-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 9adbd9eb868365526b9d4bfde62f5e2ab5838d2b11e70a4265e4f0fa77c501fc
firefox-debugsource-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 3d0eddbff9c2ffa49484a0ccfb7672903ec815beda49acd10c420a031aed431d
firefox-x11-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 353134016e9b36e5caec806871037c2e08fe005c7d0202326720e219b54101f6
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
x86_64
firefox-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 83dcb0df402dca4877e8fe6a8cd7250a18b7adf69d635d5399e746cc92440a4d
firefox-debuginfo-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 9adbd9eb868365526b9d4bfde62f5e2ab5838d2b11e70a4265e4f0fa77c501fc
firefox-debugsource-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 3d0eddbff9c2ffa49484a0ccfb7672903ec815beda49acd10c420a031aed431d
firefox-x11-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 353134016e9b36e5caec806871037c2e08fe005c7d0202326720e219b54101f6
Red Hat Enterprise Linux Server - AUS 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
x86_64
firefox-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 83dcb0df402dca4877e8fe6a8cd7250a18b7adf69d635d5399e746cc92440a4d
firefox-debuginfo-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 9adbd9eb868365526b9d4bfde62f5e2ab5838d2b11e70a4265e4f0fa77c501fc
firefox-debugsource-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 3d0eddbff9c2ffa49484a0ccfb7672903ec815beda49acd10c420a031aed431d
firefox-x11-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 353134016e9b36e5caec806871037c2e08fe005c7d0202326720e219b54101f6
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
s390x
firefox-102.13.0-2.el9_2.s390x.rpm
SHA-256: c3736cf4c213023000f646b2ecfc35e3dada64490ba6e93e0b78fb420dc301b2
firefox-debuginfo-102.13.0-2.el9_2.s390x.rpm
SHA-256: 6cfa1066af1aa74dc1bdef1ad3ce744a03289160634430d6646f1f06afbb37f5
firefox-debugsource-102.13.0-2.el9_2.s390x.rpm
SHA-256: 9e359755918b653abaa8ab6e38f23665c1586de6f90e623364692dbe05516206
firefox-x11-102.13.0-2.el9_2.s390x.rpm
SHA-256: 4c5328d72b8a9ab49b4dc269b0fbf4a91396031c0858868299c7cad9f98e6efd
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
s390x
firefox-102.13.0-2.el9_2.s390x.rpm
SHA-256: c3736cf4c213023000f646b2ecfc35e3dada64490ba6e93e0b78fb420dc301b2
firefox-debuginfo-102.13.0-2.el9_2.s390x.rpm
SHA-256: 6cfa1066af1aa74dc1bdef1ad3ce744a03289160634430d6646f1f06afbb37f5
firefox-debugsource-102.13.0-2.el9_2.s390x.rpm
SHA-256: 9e359755918b653abaa8ab6e38f23665c1586de6f90e623364692dbe05516206
firefox-x11-102.13.0-2.el9_2.s390x.rpm
SHA-256: 4c5328d72b8a9ab49b4dc269b0fbf4a91396031c0858868299c7cad9f98e6efd
Red Hat Enterprise Linux for Power, little endian 9
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
ppc64le
firefox-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: fc1065904ed646ef0bd9e53ab04b68aee3f5fde6e61b41868253bed5004fa99a
firefox-debuginfo-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 46004f75dc6fb2d507f364a0d73edca08a2ac88c2e33746ff0ae7e655735e0aa
firefox-debugsource-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 0a20ce8ac56bfb2965a7a64d752658b4564cb5951840d31f7a3649b5fc8ed7ec
firefox-x11-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 18a1e45520f825d33f268d66deb5ca73fc11aefa6a7fc60705ce950974cc9aec
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
ppc64le
firefox-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: fc1065904ed646ef0bd9e53ab04b68aee3f5fde6e61b41868253bed5004fa99a
firefox-debuginfo-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 46004f75dc6fb2d507f364a0d73edca08a2ac88c2e33746ff0ae7e655735e0aa
firefox-debugsource-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 0a20ce8ac56bfb2965a7a64d752658b4564cb5951840d31f7a3649b5fc8ed7ec
firefox-x11-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 18a1e45520f825d33f268d66deb5ca73fc11aefa6a7fc60705ce950974cc9aec
Red Hat Enterprise Linux for ARM 64 9
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
aarch64
firefox-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 71f1bbafff321b87a9b92adf7ee2d1d7e03da764761eb803e5f13aebbde4832f
firefox-debuginfo-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 22b8d8d11e89ed9bcee3176f18ae9de017861ea961106432474b289c4fdea7a6
firefox-debugsource-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 477a4b1acb4145be4115d34aab872be86fef79f00072d348bfa20ba62f150498
firefox-x11-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 53edf0c74f9c2f908128a259efb82cdc8605c744873f98f590b6e956634525ca
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
aarch64
firefox-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 71f1bbafff321b87a9b92adf7ee2d1d7e03da764761eb803e5f13aebbde4832f
firefox-debuginfo-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 22b8d8d11e89ed9bcee3176f18ae9de017861ea961106432474b289c4fdea7a6
firefox-debugsource-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 477a4b1acb4145be4115d34aab872be86fef79f00072d348bfa20ba62f150498
firefox-x11-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 53edf0c74f9c2f908128a259efb82cdc8605c744873f98f590b6e956634525ca
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
ppc64le
firefox-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: fc1065904ed646ef0bd9e53ab04b68aee3f5fde6e61b41868253bed5004fa99a
firefox-debuginfo-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 46004f75dc6fb2d507f364a0d73edca08a2ac88c2e33746ff0ae7e655735e0aa
firefox-debugsource-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 0a20ce8ac56bfb2965a7a64d752658b4564cb5951840d31f7a3649b5fc8ed7ec
firefox-x11-102.13.0-2.el9_2.ppc64le.rpm
SHA-256: 18a1e45520f825d33f268d66deb5ca73fc11aefa6a7fc60705ce950974cc9aec
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
x86_64
firefox-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 83dcb0df402dca4877e8fe6a8cd7250a18b7adf69d635d5399e746cc92440a4d
firefox-debuginfo-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 9adbd9eb868365526b9d4bfde62f5e2ab5838d2b11e70a4265e4f0fa77c501fc
firefox-debugsource-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 3d0eddbff9c2ffa49484a0ccfb7672903ec815beda49acd10c420a031aed431d
firefox-x11-102.13.0-2.el9_2.x86_64.rpm
SHA-256: 353134016e9b36e5caec806871037c2e08fe005c7d0202326720e219b54101f6
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
aarch64
firefox-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 71f1bbafff321b87a9b92adf7ee2d1d7e03da764761eb803e5f13aebbde4832f
firefox-debuginfo-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 22b8d8d11e89ed9bcee3176f18ae9de017861ea961106432474b289c4fdea7a6
firefox-debugsource-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 477a4b1acb4145be4115d34aab872be86fef79f00072d348bfa20ba62f150498
firefox-x11-102.13.0-2.el9_2.aarch64.rpm
SHA-256: 53edf0c74f9c2f908128a259efb82cdc8605c744873f98f590b6e956634525ca
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2
SRPM
firefox-102.13.0-2.el9_2.src.rpm
SHA-256: c4005d26b530b7ebf786f1608a504a8766b6daae7c77402658ed3cff04898a2a
s390x
firefox-102.13.0-2.el9_2.s390x.rpm
SHA-256: c3736cf4c213023000f646b2ecfc35e3dada64490ba6e93e0b78fb420dc301b2
firefox-debuginfo-102.13.0-2.el9_2.s390x.rpm
SHA-256: 6cfa1066af1aa74dc1bdef1ad3ce744a03289160634430d6646f1f06afbb37f5
firefox-debugsource-102.13.0-2.el9_2.s390x.rpm
SHA-256: 9e359755918b653abaa8ab6e38f23665c1586de6f90e623364692dbe05516206
firefox-x11-102.13.0-2.el9_2.s390x.rpm
SHA-256: 4c5328d72b8a9ab49b4dc269b0fbf4a91396031c0858868299c7cad9f98e6efd
Related news
Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
Red Hat Security Advisory 2023-4071-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-4066-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-4062-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-4065-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-4067-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Issues addressed include a use-after-free vulnerability.
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other com...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. *...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy coul...
An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have cau...
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have...
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: ...
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other...
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy ...
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37201: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. * CVE-2023-37202: The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other...
Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.
Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.
Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.
Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.
Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.
Ubuntu Security Notice 6201-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. An attacker could potentially exploits this issue to store tracking data without permission in localstorage.
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.