CVE-2023-29550

CVSS 8.8 HIGHEPSS 0.7%

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8.8EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

02 jun 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

Mozilla · Firefox Mozilla · Firefox ESR Mozilla · Firefox for Android Mozilla · Focus for Android Mozilla · Thunderbird

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828 https://www.mozilla.org/security/advisories/mfsa2023-13/https://www.mozilla.org/security/advisories/mfsa2023-14/https://www.mozilla.org/security/advisories/mfsa2023-15/