Lucene search
PRIOn knowledge basePRION:CVE-2023-37207HistoryJul 05, 2023 - 9:15 a.m.
Design/Logic Flaw
2023-07-0509:15:00
PRIOn knowledge base
www.prio-n.com
14
website
notification
user confusion
spoofing attacks
firefox
thunderbird
vulnerability
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| debian_linux | eq | 12.0 | |
| firefox | lt | 115.0 | |
| firefox_esr | lt | 102.13 | |
| thunderbird | lt | 102.13 |
References
bugzilla.mozilla.org/show_bug.cgi?id=1816287
lists.debian.org/debian-lts-announce/2023/07/msg00006.html
lists.debian.org/debian-lts-announce/2023/07/msg00015.html
www.debian.org/security/2023/dsa-5450
www.debian.org/security/2023/dsa-5451
www.mozilla.org/security/advisories/mfsa2023-22/
www.mozilla.org/security/advisories/mfsa2023-23/
www.mozilla.org/security/advisories/mfsa2023-24/
Related
cvelist
cvelist
CVE-2023-37207
2023-07-05 08:52:52
veracode
veracode
Unsafe Reflection
2023-08-06 22:04:48
redhatcve
redhatcve
CVE-2023-37207
2023-07-05 06:47:36
nvd
nvd
CVE-2023-37207
2023-07-05 09:15:09
debiancve
debiancve
CVE-2023-37207
2023-07-05 09:15:09
ubuntucve
ubuntucve
CVE-2023-37207
2023-07-05 00:00:00
cve
cve
CVE-2023-37207
2023-07-05 09:15:09
alpinelinux
alpinelinux
CVE-2023-37207
2023-07-05 09:15:09
debian
debian
[SECURITY] [DLA 3490-1] thunderbird security update
2023-07-11 07:27:23
[SECURITY] [DLA 3484-1] firefox-esr security update
2023-07-07 22:05:25
[SECURITY] [DSA 5450-1] firefox-esr security update
2023-07-07 17:43:57
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0235)
2023-07-20 00:00:00
Debian: Security Advisory (DSA-5450-1)
2023-07-10 00:00:00
Slackware: Security Advisory (SSA:2023-188-01)
2023-07-10 00:00:00
nessus
nessus
Debian DSA-5450-1 : firefox-esr - security update
2023-07-08 00:00:00
Debian DLA-3484-1 : firefox-esr - LTS security update
2023-07-08 00:00:00
RHEL 8 : thunderbird (RHSA-2023:4067)
2023-07-13 00:00:00
redhat
redhat
(RHSA-2023:4069) Important: firefox security update
2023-07-13 07:34:22
(RHSA-2023:4067) Important: thunderbird security update
2023-07-13 07:33:19
(RHSA-2023:4070) Important: firefox security update
2023-07-13 07:34:27
osv
osv
Important: thunderbird security update
2023-07-13 00:00:00
Important: firefox security update
2023-07-13 00:00:00
Important: firefox security update
2023-07-13 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2023-07-17 00:00:00
firefox security update
2023-07-17 00:00:00
firefox security update
2023-07-17 00:00:00
mageia
mageia
Updated firefox/nss packages fix security vulnerability
2023-07-19 22:53:31
almalinux
almalinux
Important: firefox security update
2023-07-13 00:00:00
Important: thunderbird security update
2023-07-13 00:00:00
Important: thunderbird security update
2023-07-13 00:00:00
rocky
rocky
firefox security update
2023-08-31 16:54:34
thunderbird security update
2023-08-31 16:54:34
firefox security update
2023-07-19 17:53:48
slackware
slackware
[slackware-security] mozilla-thunderbird
2023-07-07 23:09:17
[slackware-security] mozilla-firefox
2023-07-04 20:26:36
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 102.13 — Mozilla
2023-07-04 00:00:00
Security Vulnerabilities fixed in Thunderbird 102.13 — Mozilla
2023-07-04 00:00:00
Security Vulnerabilities fixed in Firefox 115 — Mozilla
2023-07-04 00:00:00
kaspersky
kaspersky
KLA50558 Multiple vulnerabilities in Mozilla Firefox ESR
2023-07-04 00:00:00
KLA50559 Multiple vulnerabilities in Mozilla Thunderbird
2023-07-04 00:00:00
KLA50557 Multiple vulnerabilities in Mozilla Firefox
2023-07-04 00:00:00
amazon
amazon
Important: thunderbird
2023-07-20 17:28:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-07-11 00:00:00
Firefox vulnerabilities
2023-07-05 00:00:00
redos
redos
ROS-20230908-07
2023-09-08 00:00:00
ROS-20230919-04
2023-09-19 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-02-19 00:00:00
ibm
ibm