Lucene search

PRIOn knowledge basePRION:CVE-2023-6212

HistoryNov 21, 2023 - 3:15 p.m.

Memory corruption

2023-11-2115:15:00

PRIOn knowledge base

www.prio-n.com

security vulnerability

memory corruption

arbitrary code execution

firefox 119

firefox esr 115.4

thunderbird 115.4

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.3%

JSON

Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CPENameOperatorVersion
debian_linuxeq10.0
debian_linuxeq11.0
debian_linuxeq12.0
firefoxlt120.0
firefox_esrlt115.5.0
thunderbirdlt115.5

Name	Operator	Version
debian_linux	eq	10.0
debian_linux	eq	11.0
debian_linux	eq	12.0
firefox	lt	120.0
firefox_esr	lt	115.5.0
thunderbird	lt	115.5

References

bugzilla.mozilla.org/buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782

lists.debian.org/debian-lts-announce/2023/11/msg00017.html

lists.debian.org/debian-lts-announce/2023/11/msg00030.html

www.debian.org/security/2023/dsa-5561

www.mozilla.org/security/advisories/mfsa2023-49/

www.mozilla.org/security/advisories/mfsa2023-50/

www.mozilla.org/security/advisories/mfsa2023-52/