Lucene search

K
kasperskyKaspersky LabKLA60821
HistorySep 28, 2023 - 12:00 a.m.

KLA60821 DoS vulnerability in Mozilla Firefox ESR

2023-09-2800:00:00
Kaspersky Lab
threats.kaspersky.com
40
mozilla
firefox
buffer overflow
denial of service
update
cve-2023-5217

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.248

Percentile

96.7%

Heap buffer overflow vulnerability was found in Mozilla Firefox ESR. Malicious users can exploit this vulnerability to cause denial of service.

Original advisories

MFSA2023-44

Exploitation

Public exploits exist for this vulnerability.

Related products

Mozilla-Firefox-ESR

CVE list

CVE-2023-5217 critical

Solution

Update to the latest version

Download Firefox ESR

Impacts

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

  • Mozilla Firefox ESR earlier than 115.3.1

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.248

Percentile

96.7%