RedosROS-20230919-01ROS-20230919-01
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
38.2%
Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client
Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could
allow a remote attacker to affect the confidentiality, integrity, and availability of protected information.
availability of protected information.
Vulnerability in UpdateRegExpStatics function of Mozilla Firefox, Firefox ESR and Thunderbird email client.
Thunderbird is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could
allow a remote attacker to execute arbitrary code.
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an integer overflow, which allows an attacker to remotely execute arbitrary code.
integer overflow, allowing an attacker to execute arbitrary code.
Vulnerability in IPC CanvasTranslator component of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after the use of integer overflow, which allows an attacker to execute arbitrary code.
Thunderbird is related to memory usage after it has been freed. Exploitation of the vulnerability could
allow a remote attacker to affect the confidentiality, integrity, and availability of protected information.
availability of protected information.
A vulnerability in the privacy mode of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers
is related to the lack of protection for proprietary data. Exploitation of the vulnerability could allow an attacker,
remotely to gain access to sensitive information.
Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird mail client is related to an operation exceeding the memory buffer boundaries.
operation beyond the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
to execute arbitrary code remotely.
Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to
insufficient warning of dangerous behavior. Exploitation of the vulnerability could allow an attacker,
acting remotely, to download arbitrary files.
Vulnerability in the ColorPickerShownCallback feature of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after the use of a memory sticker in the Mozilla Firefox, Firefox ESR and Thunderbird email client.
Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could
allow a remote attacker to affect the confidentiality, integrity, and availability of protected information.
availability of protected information.
Mozilla Firefox browser vulnerability is related to insufficient input validation. Exploitation
vulnerability could allow a remote intruder to perform a spoofing attack.
Firefox browsers vulnerability is related to memory usage after memory is freed .Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofing attack.
vulnerability could allow an attacker acting remotely to cause memory corruption or a
a potentially dangerous crash.
A vulnerability in the glGetProgramiv function of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers
is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow
an attacker acting remotely to affect confidentiality, integrity and availability of protected information.
of protected information.
Push notification vulnerability in Mozilla Firefox and Firefox ESR browsers and Thunderbird email client
is related to open storage of information. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential information.
remotely to gain access to sensitive information.
Vulnerability in the SpiderMonkey JavaScript script handler of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to open storage of information.
Thunderbird email client is associated with uncontrolled resource consumption. Exploitation of the vulnerability
could allow a remote attacker to cause a denial of service.
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
38.2%