Mozilla Products Remote Code Execution Vulnerability
Release Date:
13 Sep 2023
5494
Views
RISK: Extremely High Risk
TYPE: Clients - Browsers
A vulnerability was identified in Mozilla Products, a remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
For CVE-2023-4863, heap buffer overflow in WebP may lead to arbitrary code execution. It is aware that an exploit for CVE-2023-4863 exists in the wild.
Impact
- Remote Code Execution
System / Technologies affected
Versions prior to:
- Firefox 117.0.1
- Firefox ESR 115.2.1
- Firefox ESR 102.15.1
- Thunderbird 102.15.1
- Thunderbird 115.2.2
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 117.0.1
- Firefox ESR 115.2.1
- Firefox ESR 102.15.1
- Thunderbird 102.15.1
- Thunderbird 115.2.2
Vulnerability Identifier
Source
Related Link
Related Tags
Share with