An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

References

bugzilla.mozilla.org/show_bug.cgi?id=1690979

bugzilla.mozilla.org/show_bug.cgi?id=1836962

lists.debian.org/debian-lts-announce/2023/10/msg00037.html

lists.debian.org/debian-lts-announce/2023/10/msg00042.html

www.debian.org/security/2023/dsa-5535

www.debian.org/security/2023/dsa-5538

www.mozilla.org/security/advisories/mfsa2023-34/

www.mozilla.org/security/advisories/mfsa2023-46/

www.mozilla.org/security/advisories/mfsa2023-47/

veracode 1

alpinelinux 1

prion 1

debiancve 1

cve 1

ubuntucve 1

redhatcve 1

cvelist 1

nvd 1

osv 11

nessus 50

ubuntu 1

openvas 17

redos 1

debian 4

mageia 2

amazon 1

redhat 13

almalinux 4

rocky 1

oraclelinux 6

mozilla 3

kaspersky 3

slackware 2

gentoo 1

ibm 1

veracode

Spoofing Attacks

2023-10-27 21:03:54

alpinelinux

CVE-2023-5732

2023-10-25 18:17:44

prion

Code injection

2023-10-25 18:17:00

debiancve

CVE-2023-5732

2023-10-25 18:17:44

cve

CVE-2023-5732

2023-10-25 18:17:44

ubuntucve

CVE-2023-5732

2023-10-25 00:00:00

redhatcve

CVE-2023-5732

2023-10-24 18:28:46

cvelist

CVE-2023-5732

2023-10-24 12:47:17

nvd

CVE-2023-5732

2023-10-25 18:17:44

osv

firefox-esr - security update

2023-10-25 00:00:00

thunderbird - security update

2023-10-27 00:00:00

thunderbird vulnerabilities

2023-11-02 03:30:29

nessus

Debian DLA-3632-1 : firefox-esr - LTS security update

2023-10-27 00:00:00

Debian DLA-3637-1 : thunderbird - LTS security update

2023-10-29 00:00:00

Debian DSA-5538-1 : thunderbird - security update

2023-10-28 00:00:00

ubuntu

Thunderbird vulnerabilities

2023-11-02 00:00:00

openvas

Ubuntu: Security Advisory (USN-6468-1)

2023-11-03 00:00:00

Mageia: Security Advisory (MGASA-2023-0309)

2023-11-07 00:00:00

Mageia: Security Advisory (MGASA-2023-0308)

2023-11-07 00:00:00

redos

ROS-20240924-01

2024-09-24 00:00:00

debian

[SECURITY] [DSA 5538-1] thunderbird security update

2023-10-28 12:34:11

[SECURITY] [DLA 3632-1] firefox-esr security update

2023-10-27 06:39:45

[SECURITY] [DLA 3637-1] thunderbird security update

2023-10-29 09:05:55

mageia

Updated thunderbird packages fix security vulnerabilities

2023-11-07 02:08:32

Updated nss and firefox packages fix security vulnerabilities

2023-11-07 02:08:32

amazon

Important: thunderbird

2023-11-09 19:19:00

redhat

(RHSA-2023:6186) Important: firefox security update

2023-10-30 16:29:47

(RHSA-2023:6198) Important: thunderbird security update

2023-10-30 16:41:10

(RHSA-2023:6199) Important: firefox security update

2023-10-30 16:41:42

almalinux

Important: firefox security update

2023-10-30 00:00:00

Important: firefox security update

2023-10-30 00:00:00

Important: thunderbird security update

2023-10-30 00:00:00

rocky

firefox security update

2023-11-11 23:00:15

oraclelinux

firefox security update

2023-10-30 00:00:00

firefox security update

2023-10-30 00:00:00

thunderbird security update

2023-10-31 00:00:00

mozilla

Security Vulnerabilities fixed in Thunderbird 115.4.1 — Mozilla

2023-10-24 00:00:00

Security Vulnerabilities fixed in Firefox ESR 115.4 — Mozilla

2023-10-24 00:00:00

Security Vulnerabilities fixed in Firefox 117 — Mozilla

2023-08-29 00:00:00

kaspersky

KLA61570 Multiple vulnerabilities in Mozilla Thunderbird

2023-10-24 00:00:00

KLA61569 Multiple vulnerabilities in Mozilla Firefox ESR

2023-10-24 00:00:00

KLA52660 Multiple vulnerabilities in Mozilla Firefox

2023-08-29 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-10-26 20:00:50

[slackware-security] mozilla-firefox

2023-10-24 22:27:04

gentoo

Mozilla Thunderbird: Multiple Vulnerabilities

2024-02-19 00:00:00

ibm

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management

2024-02-28 21:30:18

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

41.3%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-5732