A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1839073 | Issue Tracking Permissions Required |
https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html | |
https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html | |
https://www.debian.org/security/2023/dsa-5464 | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5469 | Third Party Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-29/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-30/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-31/ | Vendor Advisory |
Configurations
History
22 Oct 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
21 Oct 2024, 19:24
Type | Values Removed | Values Added |
---|---|---|
CPE |
09 Aug 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Aug 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Aug 2023, 14:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
First Time |
Debian
Mozilla firefox Mozilla firefox Esr Debian debian Linux Mozilla |
|
References | (MISC) https://bugzilla.mozilla.org/show_bug.cgi?id=1839073 - Issue Tracking, Permissions Required | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2023-29/ - Vendor Advisory | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2023-30/ - Vendor Advisory | |
References | (MISC) https://www.debian.org/security/2023/dsa-5464 - Third Party Advisory | |
References | (MISC) https://www.debian.org/security/2023/dsa-5469 - Third Party Advisory | |
References | (MISC) https://www.mozilla.org/security/advisories/mfsa2023-31/ - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | NVD-CWE-noinfo |
07 Aug 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Aug 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Aug 2023, 15:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-01 15:15
Updated : 2024-10-22 16:35
NVD link : CVE-2023-4047
Mitre link : CVE-2023-4047
CVE.ORG link : CVE-2023-4047
JSON object : View
Products Affected
mozilla
- firefox
debian
- debian_linux
CWE