When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

CPENameOperatorVersion
firefoxlt111.0
firefox_esrlt102.9
thunderbirdlt102.9

Name	Operator	Version
firefox	lt	111.0
firefox_esr	lt	102.9
thunderbird	lt	102.9

References

bugzilla.mozilla.org/show_bug.cgi?id=1811627

www.mozilla.org/security/advisories/mfsa2023-09/

www.mozilla.org/security/advisories/mfsa2023-10/

www.mozilla.org/security/advisories/mfsa2023-11/

cve 1

ubuntucve 1

veracode 1

nvd 1

debiancve 1

cvelist 1

redhatcve 1

alpinelinux 1

nessus 57

amazon 1

mageia 2

redhat 16

osv 15

rocky 4

oraclelinux 6

debian 4

openvas 20

ibm 2

almalinux 4

centos 1

ubuntu 3

slackware 2

kaspersky 3

altlinux 2

mozilla 3

redos 1

gentoo 2

photon 1

cve

CVE-2023-25752

2023-06-02 17:15:11

ubuntucve

CVE-2023-25752

2023-03-15 00:00:00

veracode

Denial Of Service (DoS)

2023-03-16 15:07:12

nvd

CVE-2023-25752

2023-06-02 17:15:11

debiancve

CVE-2023-25752

2023-06-02 17:15:11

cvelist

CVE-2023-25752

2023-06-02 00:00:00

redhatcve

CVE-2023-25752

2023-03-15 04:43:28

alpinelinux

CVE-2023-25752

2023-06-02 17:15:11

nessus

Debian DSA-5375-1 : thunderbird - security update

2023-03-17 00:00:00

RHEL 7 : firefox (RHSA-2023:1333)

2023-03-20 00:00:00

AlmaLinux 9 : firefox (ALSA-2023:1337)

2023-03-21 00:00:00

amazon

Important: thunderbird

2023-03-17 16:34:00

mageia

Updated firefox packages fix security vulnerability

2023-03-24 08:55:49

Updated thunderbird packages fix security vulnerability

2023-03-24 08:55:49

redhat

(RHSA-2023:1472) Important: thunderbird security update

2023-03-27 07:49:52

(RHSA-2023:1337) Important: firefox security update

2023-03-20 09:22:32

(RHSA-2023:1444) Important: firefox security update

2023-03-23 10:55:45

osv

Important: thunderbird security update

2023-03-28 13:07:10

Important: thunderbird security update

2023-03-22 00:00:00

Important: firefox security update

2023-03-20 00:00:00

rocky

firefox security update

2023-03-28 13:07:10

thunderbird security update

2023-03-28 13:07:10

thunderbird security update

2023-03-28 13:07:54

oraclelinux

firefox security update

2023-03-20 00:00:00

thunderbird security update

2023-03-22 00:00:00

firefox security update

2023-03-20 00:00:00

debian

[SECURITY] [DLA 3365-1] thunderbird security update

2023-03-20 07:44:55

[SECURITY] [DLA 3364-1] firefox-esr security update

2023-03-17 13:24:29

[SECURITY] [DSA 5375-1] thunderbird security update

2023-03-17 09:43:37

openvas

Debian: Security Advisory (DLA-3364-1)

2023-03-20 00:00:00

Mozilla Thunderbird Security Advisories (MFSA2023-08, MFSA2023-11) - Mac OS X

2023-03-23 00:00:00

Mageia: Security Advisory (MGASA-2023-0116)

2023-03-28 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.9ESR) have affected APM Synthetic Playback Agent

2023-05-22 10:20:09

Security Bulletin: Due to use of Mozilla Firefox, IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities.

2023-08-31 11:04:58

almalinux

Important: firefox security update

2023-03-20 00:00:00

Important: firefox security update

2023-03-20 00:00:00

Important: thunderbird security update

2023-03-22 00:00:00

centos

firefox security update

2023-03-22 14:00:31

ubuntu

Thunderbird vulnerabilities

2023-03-27 00:00:00

Firefox vulnerabilities

2023-03-15 00:00:00

Firefox regressions

2023-03-27 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-03-17 00:39:20

[slackware-security] mozilla-firefox

2023-03-14 21:32:39

kaspersky

KLA48571 Multiple vulnerabilities in Mozilla Thunderbird

2023-03-14 00:00:00

KLA48552 Multiple vulnerabilities in Mozilla Firefox ESR

2023-03-14 00:00:00

KLA48551 Multiple vulnerabilities in Mozilla Firefox

2023-03-14 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 102.9.0-alt1

2023-03-31 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 102.9.0-alt1

2023-03-31 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox ESR 102.9 — Mozilla

2023-03-14 00:00:00

Security Vulnerabilities fixed in Thunderbird 102.9 — Mozilla

2023-03-14 00:00:00

Security Vulnerabilities fixed in Firefox 111 — Mozilla

2023-03-14 00:00:00

redos

ROS-20230420-03

2023-04-20 00:00:00

gentoo

Mozilla Thunderbird: Multiple Vulnerabilities

2023-05-30 00:00:00

Mozilla Firefox: Multiple Vulnerabilities

2023-05-30 00:00:00

photon

Critical Photon OS Security Update - PHSA-2023-5.0-0035

2023-06-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.9%

JSON

Related for PRION:CVE-2023-25752