![]() Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. #CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 Reporter Andrew McCreight, Matthew Gaudet, Tom Ritter, and the Mozilla Fuzzing Team, Impact high Description When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. ![]() ![]() #CVE-2023-37208: Lack of warning when opening Diagcab files Reporter P Umar Farooq Impact moderate Description This could have led to user confusion and possible spoofing attacks. #CVE-2023-37207: Fullscreen notification obscured Reporter Shaheen Fazim Impact moderate DescriptionĪ website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. ![]() #CVE-2023-37202: Potential use-after-free from compartment mismatch in SpiderMonkey Reporter zx Impact high DescriptionĬross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. #CVE-2023-37201: Use-after-free in WebRTC certificate generation Reporter Irvan Kurniawan Impact high DescriptionĪn attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. Mozilla Foundation Security Advisory 2023-23 Security Vulnerabilities fixed in Firefox ESR 102.13 Announced JImpact high Products Firefox ESR Fixed in ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |