Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723 | Broken Link Issue Tracking |
https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202401-10 | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5582 | Third Party Advisory |
https://www.mozilla.org/security/advisories/mfsa2023-56/ | Vendor Advisory |
Configurations
History
02 Feb 2024, 02:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html - Mailing List, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/202401-10 - Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
07 Jan 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Dec 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Dec 2023, 10:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mozilla firefox
Mozilla Debian debian Linux Debian |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-787 | |
CPE | cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
References | () https://www.debian.org/security/2023/dsa-5582 - Third Party Advisory | |
References | () https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723 - Broken Link, Issue Tracking | |
References | () https://www.mozilla.org/security/advisories/mfsa2023-56/ - Vendor Advisory |
22 Dec 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Dec 2023, 14:49
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-19 14:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-6873
Mitre link : CVE-2023-6873
CVE.ORG link : CVE-2023-6873
JSON object : View
Products Affected
mozilla
- firefox
debian
- debian_linux
CWE
CWE-787
Out-of-bounds Write