Lucene search

PRIOn knowledge basePRION:CVE-2023-37211

HistoryJul 05, 2023 - 10:15 a.m.

Memory corruption

2023-07-0510:15:00

PRIOn knowledge base

www.prio-n.com

memory corruption

firefox

thunderbird

vulnerability

arbitrary code

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CPENameOperatorVersion
debian_linuxeq10.0
debian_linuxeq11.0
debian_linuxeq12.0
firefoxlt115.0
firefox_esrlt102.13
thunderbirdlt102.13

Name	Operator	Version
debian_linux	eq	10.0
debian_linux	eq	11.0
debian_linux	eq	12.0
firefox	lt	115.0
firefox_esr	lt	102.13
thunderbird	lt	102.13

References

bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450

lists.debian.org/debian-lts-announce/2023/07/msg00006.html

lists.debian.org/debian-lts-announce/2023/07/msg00015.html

www.debian.org/security/2023/dsa-5450

www.debian.org/security/2023/dsa-5451

www.mozilla.org/security/advisories/mfsa2023-22/

www.mozilla.org/security/advisories/mfsa2023-23/

www.mozilla.org/security/advisories/mfsa2023-24/