When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. The Firefox updater created a directory writable by non-privileged users. #CVE-2023-4052: File deletion and privilege escalation through Firefox uninstaller Reporter ycdxsb Impact moderate Description This resulted in a potentially exploitable crash which could have led to a sandbox escape. In some cases, an untrusted input stream was copied to a stack buffer without checking its size. #CVE-2023-4050: Stack buffer overflow in StorageManager Reporter Mark Brand Impact high Description These could have resulted in potentially exploitable use-after-free vulnerabilities. Race conditions in reference counting code were found through code inspection. #CVE-2023-4049: Fix potential race conditions when releasing platform objects Reporter Nika Layzell Impact high Description #CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions Reporter Irvan Kurniawan Impact high DescriptionĪn out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. #CVE-2023-4047: Potential permissions request bypass via clickjacking Reporter Axel Chong Impact high DescriptionĪ bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This resulted in incorrect compilation and a potentially exploitable crash in the content process. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. #CVE-2023-4046: Incorrect value used during WASM compilation Reporter Alexander Guryanov Impact high Description Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. #CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin restrictions Reporter Max Vlasov Impact high Description Mozilla Foundation Security Advisory 2023-31 Security Vulnerabilities fixed in Firefox ESR 115.1 Announced AugImpact high Products Firefox ESR Fixed in
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |