7 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Linux Distros Unpatched Vulnerability : CVE-2023-5170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This...
DEBIAN-CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5172
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5175
During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...
UBUNTU-CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...