CVE-2023-23604

Related Files

Ubuntu Security Notice USN-5816-2

Posted Feb 6, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5816-2 - USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, spoof, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-23597, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23606

SHA-256 | ac080c4b3790efbaf876e4fa1ba3505424a80943ca230f29f3ed885731cb5053

Download | Favorite | View

Ubuntu Security Notice USN-5816-1

Posted Jan 23, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5816-1 - Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information.

tags | advisory, web

systems | linux, ubuntu

advisories | CVE-2023-23597, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23606

SHA-256 | fc001643a6e5b7c0b2a05ecbee48a78fcb234cb56c2c6ca5347f8ad3e4ce89ab

Download | Favorite | View