CVE-2023-32208

Related Files

Ubuntu Security Notice USN-6074-3

Posted May 24, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6074-3 - USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. Anne van Kesteren discovered that Firefox did not properly validate the import call in service workers. An attacker could potentially exploits this to obtain sensitive information. Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicious favicon file, an attacker could cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, CVE-2023-32209, CVE-2023-32213

SHA-256 | 7d3fa9c2c23bb5c2e2deadaf33571680848e749c4924a7ad19facbb363e58246

Download | Favorite | View

Ubuntu Security Notice USN-6074-2

Posted May 16, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6074-2 - USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploit this issue to cause a denial of service. Anne van Kesteren discovered that Firefox did not properly validate the import call in service workers. An attacker could potentially exploits this to obtain sensitive information. Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicious favicon file, an attacker could cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, CVE-2023-32209, CVE-2023-32213

SHA-256 | be35037deca33185914fe3d4b6a489c1de444844ca549786e8b7daf7a89d3ebc

Download | Favorite | View

Ubuntu Security Notice USN-6074-1

Posted May 15, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, CVE-2023-32209, CVE-2023-32210, CVE-2023-32213, CVE-2023-32215

SHA-256 | 346f81631285f22c865ab7b35478e031cee120caa1ae43a62cf551e1b82e5769

Download | Favorite | View