Lucene search

K

China National Vulnerability DatabaseCNVD-2023-05209

HistoryDec 30, 2022 - 12:00 a.m.

Mozilla Firefox Security Feature Issue Vulnerability (CNVD-2023-05209)

2022-12-3000:00:00

China National Vulnerability Database

www.cnvd.org.cn

8

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature issue that stems from a vulnerability related to compromised keys in the OpenPGP revocation mechanism. A remote attacker could use the revoked key to sign messages, which would appear as valid and genuine messages.

CPENameOperatorVersion
mozilla thunderbirdlt91.8

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Related for CNVD-2023-05209

veracode1 ubuntucve1 cve1 prion1 alpinelinux1 debiancve1 redhatcve1 nessus17 openvas9 ubuntu1 osv5 oraclelinux2 debian2 redhat5 mozilla1 slackware1 amazon1 suse1 altlinux1 rocky1 kaspersky1 almalinux1 mageia1 gentoo1