A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.

References

bugzilla.redhat.com/show_bug.cgi?id=2178460

nvd.nist.gov/vuln/detail/CVE-2023-25752

www.cve.org/CVERecord?id=CVE-2023-25752

www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752

www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752

cve 1

ubuntucve 1

veracode 1

prion 1

nvd 1

debiancve 1

cvelist 1

alpinelinux 1

nessus 57

amazon 1

mageia 2

redhat 16

osv 15

rocky 4

oraclelinux 6

debian 4

openvas 20

ibm 2

almalinux 4

centos 1

ubuntu 3

slackware 2

kaspersky 3

altlinux 2

mozilla 3

redos 1

gentoo 2

photon 1

cve

CVE-2023-25752

2023-06-02 17:15:11

ubuntucve

CVE-2023-25752

2023-03-15 00:00:00

veracode

Denial Of Service (DoS)

2023-03-16 15:07:12

prion

Out-of-bounds

2023-06-02 17:15:00

nvd

CVE-2023-25752

2023-06-02 17:15:11

debiancve

CVE-2023-25752

2023-06-02 17:15:11

cvelist

CVE-2023-25752

2023-06-02 00:00:00

alpinelinux

CVE-2023-25752

2023-06-02 17:15:11

nessus

Debian DSA-5375-1 : thunderbird - security update

2023-03-17 00:00:00

AlmaLinux 9 : firefox (ALSA-2023:1337)

2023-03-21 00:00:00

Oracle Linux 9 : thunderbird (ELSA-2023-1407)

2023-03-22 00:00:00

amazon

Important: thunderbird

2023-03-17 16:34:00

mageia

Updated firefox packages fix security vulnerability

2023-03-24 08:55:49

Updated thunderbird packages fix security vulnerability

2023-03-24 08:55:49

redhat

(RHSA-2023:1472) Important: thunderbird security update

2023-03-27 07:49:52

(RHSA-2023:1337) Important: firefox security update

2023-03-20 09:22:32

(RHSA-2023:1444) Important: firefox security update

2023-03-23 10:55:45

osv

Important: thunderbird security update

2023-03-28 13:07:10

Important: firefox security update

2023-03-20 00:00:00

Important: firefox security update

2023-03-20 00:00:00

rocky

firefox security update

2023-03-28 13:07:10

thunderbird security update

2023-03-28 13:07:10

thunderbird security update

2023-03-28 13:07:54

oraclelinux

firefox security update

2023-03-20 00:00:00

thunderbird security update

2023-03-22 00:00:00

firefox security update

2023-03-20 00:00:00

debian

[SECURITY] [DLA 3365-1] thunderbird security update

2023-03-20 07:44:55

[SECURITY] [DSA 5374-1] firefox-esr security update

2023-03-15 19:24:11

[SECURITY] [DLA 3364-1] firefox-esr security update

2023-03-17 13:24:29

openvas

Mozilla Thunderbird Security Advisories (MFSA2023-08, MFSA2023-11) - Mac OS X

2023-03-23 00:00:00

Debian: Security Advisory (DLA-3364-1)

2023-03-20 00:00:00

Mageia: Security Advisory (MGASA-2023-0111)

2023-03-28 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.9ESR) have affected APM Synthetic Playback Agent

2023-05-22 10:20:09

Security Bulletin: Due to use of Mozilla Firefox, IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities.

2023-08-31 11:04:58

almalinux

Important: thunderbird security update

2023-03-22 00:00:00

Important: thunderbird security update

2023-03-22 00:00:00

Important: firefox security update

2023-03-20 00:00:00

centos

firefox security update

2023-03-22 14:00:31

ubuntu

Thunderbird vulnerabilities

2023-03-27 00:00:00

Firefox regressions

2023-03-27 00:00:00

Firefox vulnerabilities

2023-03-15 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-03-17 00:39:20

[slackware-security] mozilla-firefox

2023-03-14 21:32:39

kaspersky

KLA48571 Multiple vulnerabilities in Mozilla Thunderbird

2023-03-14 00:00:00

KLA48552 Multiple vulnerabilities in Mozilla Firefox ESR

2023-03-14 00:00:00

KLA48551 Multiple vulnerabilities in Mozilla Firefox

2023-03-14 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 102.9.0-alt1

2023-03-31 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 102.9.0-alt1

2023-03-31 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox ESR 102.9 — Mozilla

2023-03-14 00:00:00

Security Vulnerabilities fixed in Thunderbird 102.9 — Mozilla

2023-03-14 00:00:00

Security Vulnerabilities fixed in Firefox 111 — Mozilla

2023-03-14 00:00:00

redos

ROS-20230420-03

2023-04-20 00:00:00

gentoo

Mozilla Thunderbird: Multiple Vulnerabilities

2023-05-30 00:00:00

Mozilla Firefox: Multiple Vulnerabilities

2023-05-30 00:00:00

photon

Critical Photon OS Security Update - PHSA-2023-5.0-0035

2023-06-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

39.8%

JSON

Related for RH:CVE-2023-25752