Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Kaspersky LabKLA61042

HistorySep 28, 2023 - 12:00 a.m.

KLA61042 DoS vulnerability in Mozilla Thunderbird

Vulners
Kaspersky
KLA61042 DoS vulnerability in Mozilla Thunderbird

2023-09-2800:00:00

Kaspersky Lab

threats.kaspersky.com

mozilla thunderbird

dos

heap buffer overflow

public exploits

affected version

update

cve-2023-5217

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.245 Low

EPSS

Percentile

96.7%

JSON

Heap buffer overflow vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to cause denial of service.

Original advisories

MFSA2023-44

Exploitation

Public exploits exist for this vulnerability.

Related products

Mozilla-Thunderbird

CVE list

CVE-2023-5217 critical

Solution

Update to the latest version

Download Thunderbird

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Mozilla Thunderbird earlier than 115.3.1

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Mozilla-Thunderbird/

www.mozilla.org/en-US/security/advisories/mfsa2023-44/

githubexploit 3

openvas 35

nessus 66

osv 17

fedora 6

prion 1

kaspersky 6

veracode 1

github 3

slackware 3

debian 6

cve 1

ubuntucve 1

mageia 2

malwarebytes 2

mozilla 1

redhatcve 1

mscve 1

cisa_kev 1

f5 1

cvelist 1

nvd 1

freebsd 2

attackerkb 1

redos 1

alpinelinux 1

debiancve 1

redhat 14

ubuntu 3

oraclelinux 3

almalinux 3

gentoo 1

apple 2

cloudfoundry 1

citrix 1

wizblog 1

msrc 1

chrome 1

hivepro 1

rosalinux 1

githubexploit

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 10:43:38

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 05:46:16

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 11:01:08

openvas

openSUSE: Security Advisory for libvpx (SUSE-SU-2023:3948-1)

2024-03-04 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:3950-1)

2023-10-04 00:00:00

Debian: Security Advisory (DLA-3591-1)

2023-10-02 00:00:00

nessus

Mozilla Thunderbird < 115.3.1

2023-09-29 00:00:00

Fedora 39 : thunderbird (2023-1afa208698)

2023-11-07 00:00:00

Debian DSA-5509-1 : firefox-esr - security update

2023-09-30 00:00:00

osv

firefox-esr - security update

2023-09-29 00:00:00

firefox-esr - security update

2023-09-30 00:00:00

CVE-2023-5217

2023-09-28 16:15:10

fedora

[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38

2023-10-01 04:55:42

[SECURITY] Fedora 39 Update: libvpx-1.13.0-5.fc39

2023-10-02 00:16:31

[SECURITY] Fedora 37 Update: libvpx-1.12.0-4.fc37

2023-10-23 01:25:02

prion

Heap overflow

2023-09-28 16:15:00

kaspersky

KLA60821 DoS vulnerability in Mozilla Firefox ESR

2023-09-28 00:00:00

KLA60820 DoS vulnerability in Mozilla Firefox

2023-09-28 00:00:00

KLA61592 DoS vulnerability in Microsoft Office

2023-09-29 00:00:00

veracode

Heap Buffer Overflow

2023-10-02 19:10:55

github

Electron affected by libvpx's heap buffer overflow in vp8 encoding

2023-09-28 18:30:45

CefSharp affected by libvpx's heap buffer overflow in vp8 encoding

2023-10-05 13:22:50

CefSharp affected by heap buffer overflow in WebP

2023-09-21 17:11:42

slackware

[slackware-security] libvpx

2023-09-30 21:42:24

[slackware-security] mozilla-firefox

2023-09-28 21:46:24

[slackware-security] mozilla-thunderbird

2023-09-30 21:42:55

debian

[SECURITY] [DLA 3591-1] firefox-esr security update

2023-09-30 10:16:57

[SECURITY] [DSA 5510-1] libvpx security update

2023-09-29 21:10:17

[SECURITY] [DSA 5509-1] firefox-esr security update

2023-09-29 17:55:10

cve

CVE-2023-5217

2023-09-28 16:15:10

ubuntucve

CVE-2023-5217

2023-09-29 00:00:00

mageia

Updated libvpx packages fix security vulnerability

2023-10-02 13:18:07

Updated Firefox and Thunderbird packages fix security vulnerabilities

2023-10-10 20:21:41

malwarebytes

Update Chrome now! Google patches another actively exploited vulnerability

2023-09-29 11:15:00

Update now! Apple patches vulnerabilities on iPhone and iPad

2023-10-05 05:00:00

mozilla

Security Vulnerability fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox for Android 118.1.0, Firefox Focus for Android 118.1.0, and Thunderbird 115.3.1. — Mozilla

2023-09-28 00:00:00

redhatcve

CVE-2023-5217

2023-09-28 14:24:48

mscve

Chromium: CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx

2023-09-29 16:24:54

cisa_kev

Google Chromium libvpx Heap Buffer Overflow Vulnerability

2023-10-02 00:00:00

K000137105 : libvpx vulnerability CVE-2023-5217

2023-10-03 00:00:00

cvelist

CVE-2023-5217

2023-09-28 15:23:18

nvd

CVE-2023-5217

2023-09-28 16:15:10

freebsd

electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx

2023-09-28 00:00:00

chromium -- multiple vulnerabilities

2023-09-27 00:00:00

attackerkb

CVE-2023-5217

2023-09-28 00:00:00

redos

ROS-20231016-04

2023-10-16 00:00:00

alpinelinux

CVE-2023-5217

2023-09-28 16:15:10

debiancve

CVE-2023-5217

2023-09-28 16:15:10

redhat

(RHSA-2023:5534) Important: libvpx security update

2023-10-09 09:49:38

(RHSA-2023:5537) Important: libvpx security update

2023-10-09 09:52:40

(RHSA-2023:5540) Important: libvpx security update

2023-10-09 09:57:50

ubuntu

libvpx vulnerabilities

2023-11-01 00:00:00

libvpx vulnerabilities

2023-10-02 00:00:00

libvpx vulnerabilities

2023-10-23 00:00:00

oraclelinux

libvpx security update

2023-10-10 00:00:00

libvpx security update

2023-10-11 00:00:00

thunderbird security update

2023-10-06 00:00:00

almalinux

Important: libvpx security update

2023-10-09 00:00:00

Important: libvpx security update

2023-10-09 00:00:00

Important: thunderbird security update

2023-10-04 00:00:00

gentoo

libvpx: Multiple Vulnerabilities

2023-10-04 00:00:00

apple

About the security content of iOS 17.0.3 and iPadOS 17.0.3

2023-10-04 00:00:00

About the security content of iOS 16.7.1 and iPadOS 16.7.1

2023-10-10 00:00:00

cloudfoundry

USN-6403-1: libvpx vulnerabilities | Cloud Foundry

2023-10-05 00:00:00

citrix

Impact of Chromium vulnerabilities CVE-2023-4863 and CVE-2023-5217 on Cloud Software Group products

2023-10-06 20:18:12

wizblog

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

2023-10-01 13:31:06

msrc

Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217

2023-10-02 07:00:00

chrome

Stable Channel Update for Desktop

2023-09-27 00:00:00

hivepro

Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

2023-10-02 06:29:28

rosalinux

Advisory ROSA-SA-2024-2357

2024-02-20 10:26:09

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.245 Low

EPSS

Percentile

96.7%

JSON

Related for KLA61042