Lucene search

K
cveMozillaCVE-2023-0767
HistoryJun 02, 2023 - 5:15 p.m.

CVE-2023-0767

2023-06-0217:15:10
mozilla
web.nvd.nist.gov
1258
cve-2023-0767
pkcs 12
memory writes
firefox
thunderbird
nvd

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.002

Percentile

65.0%

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Affected configurations

Nvd
Vulners
Node
mozillafirefoxRange<110.0
OR
mozillafirefox_esrRange<102.8
OR
mozillathunderbirdRange<102.8
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox_esr*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Mozilla",
    "product": "Firefox",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "110",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Thunderbird",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "102.8",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Mozilla",
    "product": "Firefox ESR",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "102.8",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.002

Percentile

65.0%