Mozilla Products Remote Code Execution Vulnerability
Release Date:
3 Oct 2023
4486
Views
RISK: Extremely High Risk
TYPE: Clients - Browsers
A vulnerability was identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to denial of service and remote code execution on the targeted system.
Note:
CVE-2023-5217: Heap buffer overflow in libvpx. It is aware that an exploit for CVE-2023-5217 exists in the wild.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
Versions prior to:
- Firefox 118.0.1
- Firefox ESR 115.3.1
- Firefox Focus for Android 118.1
- Firefox for Android 118.1
- Thunderbird 115.3.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 118.0.1
- Firefox ESR 115.3.1
- Firefox Focus for Android 118.1
- Firefox for Android 118.1
- Thunderbird 115.3.1
Vulnerability Identifier
Source
Related Link
Share with