Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2023-242-01
HistoryAug 30, 2023 - 10:09 p.m.

[slackware-security] mozilla-firefox

2023-08-3022:09:54
Slackware Linux Project
www.slackware.com
19

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

43.7%

JSON

New mozilla-firefox packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:

patches/packages/mozilla-firefox-115.2.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-36/
https://vulners.com/cve/CVE-2023-4573
https://vulners.com/cve/CVE-2023-4574
https://vulners.com/cve/CVE-2023-4575
https://vulners.com/cve/CVE-2023-4576
https://vulners.com/cve/CVE-2023-4577
https://vulners.com/cve/CVE-2023-4051
https://vulners.com/cve/CVE-2023-4578
https://vulners.com/cve/CVE-2023-4053
https://vulners.com/cve/CVE-2023-4580
https://vulners.com/cve/CVE-2023-4581
https://vulners.com/cve/CVE-2023-4582
https://vulners.com/cve/CVE-2023-4583
https://vulners.com/cve/CVE-2023-4584
https://vulners.com/cve/CVE-2023-4585
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-firefox-115.2.0esr-i686-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-firefox-115.2.0esr-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-115.2.0esr-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-115.2.0esr-x86_64-1.txz

MD5 signatures:

Slackware 15.0 package:
dbcbb948acae63815c9d06189b0edece mozilla-firefox-115.2.0esr-i686-1_slack15.0.txz

Slackware x86_64 15.0 package:
8d9fdf2c7d8ee2de6ef522ebcb88b220 mozilla-firefox-115.2.0esr-x86_64-1_slack15.0.txz

Slackware -current package:
26ed53a99ec33183f3e0fb108663b626 xap/mozilla-firefox-115.2.0esr-i686-1.txz

Slackware x86_64 -current package:
b46501857adb7ac2864db72f8057c569 xap/mozilla-firefox-115.2.0esr-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg mozilla-firefox-115.2.0esr-i686-1_slack15.0.txz

Related

nessus 55
kaspersky 5
mozilla 5
openvas 17
oraclelinux 6
almalinux 4
redhat 15
osv 13
rocky 2
ubuntu 3
redos 2
debian 4
mageia 1
rosalinux 1
veracode 8
redhatcve 10
cve 8
debiancve 8
ubuntucve 9
prion 12
alpinelinux 9
cnvd 2
nessus
nessus
Mozilla Thunderbird < 115.2
2023-08-31 00:00:00
Mozilla Firefox ESR < 115.2
2023-08-29 00:00:00
Mozilla Firefox ESR < 115.2
2023-08-29 00:00:00
kaspersky
kaspersky
KLA52675 Multiple vulnerabilities in Mozilla Thunderbird
2023-08-29 00:00:00
KLA52661 Multiple vulnerabilities in Mozilla Firefox ESR
2023-08-29 00:00:00
KLA52660 Multiple vulnerabilities in Mozilla Firefox
2023-08-29 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 115.2 — Mozilla
2023-08-29 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.2 — Mozilla
2023-08-29 00:00:00
Security Vulnerabilities fixed in Firefox 117 — Mozilla
2023-08-29 00:00:00
openvas
openvas
openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:3519-1)
2024-03-04 00:00:00
Slackware: Security Advisory (SSA:2023-242-01)
2023-08-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3559-1)
2023-09-11 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2023-09-06 00:00:00
firefox security update
2023-09-07 00:00:00
firefox security update
2023-09-06 00:00:00
almalinux
almalinux
Important: thunderbird security update
2023-09-04 00:00:00
Important: firefox security update
2023-09-04 00:00:00
Important: firefox security update
2023-09-04 00:00:00
redhat
redhat
(RHSA-2023:5019) Important: firefox security update
2023-09-07 11:24:08
(RHSA-2023:4954) Important: thunderbird security update
2023-09-04 15:04:42
(RHSA-2023:4949) Important: firefox security update
2023-09-04 15:04:10
osv
osv
Important: firefox security update
2023-10-06 22:57:16
Important: thunderbird security update
2023-10-06 22:57:16
Important: firefox security update
2023-09-04 00:00:00
rocky
rocky
thunderbird security update
2023-10-06 22:57:16
firefox security update
2023-10-06 22:57:16
ubuntu
ubuntu
Firefox vulnerabilities
2023-08-30 00:00:00
Thunderbird vulnerabilities
2023-09-14 00:00:00
Thunderbird vulnerabilities
2023-10-03 00:00:00
redos
redos
ROS-20230919-02
2023-09-19 00:00:00
ROS-20230919-01
2023-09-19 00:00:00
debian
debian
[SECURITY] [DSA 5485-1] firefox-esr security update
2023-08-30 17:55:23
[SECURITY] [DSA 5488-1] thunderbird security update
2023-09-03 11:55:21
[SECURITY] [DLA 3554-1] thunderbird security update
2023-09-05 09:04:55
mageia
mageia
Updated firefox/thunderbird packages fix security vulnerability
2023-09-25 01:16:18
rosalinux
rosalinux
Advisory ROSA-SA-2024-2371
2024-03-12 12:37:38
veracode
veracode
Memory Corruption
2023-09-03 12:42:40
Information Disclosure
2023-09-03 12:40:56
Use After Free
2023-09-03 12:45:25
redhatcve
redhatcve
CVE-2023-4585
2023-08-30 10:16:10
CVE-2023-4583
2023-08-30 10:16:03
CVE-2023-4584
2023-08-30 10:16:09
cve
cve
CVE-2023-4583
2023-09-11 09:15:09
CVE-2023-4585
2023-09-11 09:15:09
CVE-2023-4584
2023-09-11 09:15:09
debiancve
debiancve
CVE-2023-4585
2023-09-11 09:15:09
CVE-2023-4583
2023-09-11 09:15:09
CVE-2023-4584
2023-09-11 09:15:09
ubuntucve
ubuntucve
CVE-2023-4585
2023-08-30 00:00:00
CVE-2023-4583
2023-08-30 00:00:00
CVE-2023-4580
2023-08-30 00:00:00
prion
prion
Design/Logic Flaw
2023-09-11 09:15:00
Memory corruption
2023-09-11 09:15:00
Memory corruption
2023-09-11 09:15:00
alpinelinux
alpinelinux
CVE-2023-4583
2023-09-11 09:15:09
CVE-2023-4585
2023-09-11 09:15:09
CVE-2023-4574
2023-09-11 09:15:09
cnvd
cnvd
Mozilla Firefox ESR Memory Corrupted Code Execution Vulnerability (CNVD-2023-75345)
2023-09-04 00:00:00
Mozilla Firefox Code Problem Vulnerability (CNVD-2023-75344)
2023-09-05 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

43.7%

JSON
Related for SSA-2023-242-01
nessus55kaspersky5mozilla5openvas17oraclelinux6almalinux4redhat15osv13rocky2ubuntu3redos2debian4mageia1rosalinux1veracode8redhatcve10cve8debiancve8ubuntucve9prion12alpinelinux9cnvd2