what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

CVE-2023-4056

Status Candidate

Overview

Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Related Files

Ubuntu Security Notice USN-6401-1
Posted Oct 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6401-1 - It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-39350, CVE-2023-39354, CVE-2023-40181, CVE-2023-40569
SHA-256 | 9d49b67d80a9d8ac4cbe0f390e587665488a0a6f20bf9d963b6668b08fc9fc73
Ubuntu Security Notice USN-6333-1
Posted Sep 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6333-1 - Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | de1cdeefaa54cbd5ac2ba23369fd0091cdef1507fcdebab7399ef5c6b2b74e13
Ubuntu Security Notice USN-6267-3
Posted Aug 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-3 - USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4050, CVE-2023-4056
SHA-256 | 7e86313999419f66e87b639480ef8ad7f3101a9bf1b0aef199979f717993c99a
Ubuntu Security Notice USN-6267-2
Posted Aug 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-2 - USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4050, CVE-2023-4056
SHA-256 | 5fb0b898aafa28294fb8ccc08119b1fe47db5b53b2d6374b96b0c7fd72049cca
Red Hat Security Advisory 2023-4497-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4497-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | d61b5c7d78b63321d596425b6dbd2d12c0485db110873f84a72928d225472381
Red Hat Security Advisory 2023-4499-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4499-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 11004ad86cf7fb706f246469662689fcf1317bb98536e467a4155cb6ca468dff
Red Hat Security Advisory 2023-4500-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4500-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | c4aa016d471135fe61ed27809f1c8264400e9a54fe3dd490f8bfd6a9a81641f0
Red Hat Security Advisory 2023-4495-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4495-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 3f082ad0422d2528b2b980547ea2bb899bc6c98fd777b949caaa3711c639c33f
Red Hat Security Advisory 2023-4496-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4496-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 2579416318f2418061883709534204a492c792cc999e151d20e73b1b16ba92d6
Red Hat Security Advisory 2023-4493-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4493-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 98e2b30eab8cfaa7e1b574708bd5698b5ca4c22bf7afc00cb6330e0e425da627
Red Hat Security Advisory 2023-4494-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4494-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 2858760e57b9ee1af6a5e94097dc3e02d02117c8cead120b74105220b40a4c27
Red Hat Security Advisory 2023-4492-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4492-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 1734acf7582d70ac3c37e9313d4428dd8d6215908c5d07e27b67e4b96a1228c2
Debian Security Advisory 5469-1
Posted Aug 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5469-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | 017d91e72c61fc642ca3564dd8cd1290f874178ab081da60e057a9723723cfde
Debian Security Advisory 5464-1
Posted Aug 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5464-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | 3069629d3ef5bc6b0d21cfa08fe173ff4a81f30ad88de2fa86b9b678de047138
Red Hat Security Advisory 2023-4461-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4461-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | ddb2a0756d62f711c911cd8c4b53ad7d0583595b1b5733ac92ad7e20029e2119
Red Hat Security Advisory 2023-4460-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4460-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | da853f53a82d14aa2bf6fc0456ede116ae0d55b04dd25f09b987a52be2dee28d
Red Hat Security Advisory 2023-4469-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4469-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | fedb6843c2df2945faa516f0e6ccc48026ac649bba6f02632b4ee78c4aa19d07
Red Hat Security Advisory 2023-4468-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4468-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 90bccd1353096856931c18624a03cb99f6b57b04834b3cc97fc0816696183422
Red Hat Security Advisory 2023-4465-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4465-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | a019b3e199b89f00fa9182a0f5a598959d0916c04a6c55254c4367d942dcab56
Red Hat Security Advisory 2023-4464-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4464-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | aa026308e6a9261e67cef9327e9f20936d6c0b4a53e7536306ad485fb4b0021d
Red Hat Security Advisory 2023-4463-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4463-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 4ebfd9470307ee6efdcf1331c5c8cf44406bb65810dbd074149d73e2131a046d
Red Hat Security Advisory 2023-4462-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4462-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | ac334472e16a49a84869d79eb012501d1c1db4b461779a5531bafd208158eebc
Ubuntu Security Notice USN-6267-1
Posted Aug 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 51b1cc97de6f469ebee1cb6c9eb78f96f74f91edddd7253d5beec2a0426b7fd1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close