exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2023-34414

Status Candidate

Overview

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.

Related Files

Ubuntu Security Notice USN-6214-1
Posted Jul 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-34414, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208
SHA-256 | 632510b7ad5f4bba744eb7afbe58717906b3533fa418bcf6ffd3dc64704f32f6
Download | Favorite | View
Red Hat Security Advisory 2023-3596-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3596-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | f74f8e473607e01802dc7fd29e5994466a71002a4ee48365cbdbf3a905060af3
Download | Favorite | View
Red Hat Security Advisory 2023-3578-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3578-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 53ec15598e5617bd329d3ed848abf54795791303f49b177a799c8ced01c92ea7
Download | Favorite | View
Red Hat Security Advisory 2023-3588-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3588-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | fe99756595d95191f33566b3abdaf7c33e6b8b7f452e7501a97a83a5e99b3db1
Download | Favorite | View
Red Hat Security Advisory 2023-3597-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3597-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 3ca3cbfc0f3e5ec74e169e48c487ba543ab8cb86c501e6fa6d73645c8492b58f
Download | Favorite | View
Red Hat Security Advisory 2023-3579-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3579-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 65c401e15d158771452c6c523f7ddb45659d4738d75cf6ae20618bfe6d5f6330
Download | Favorite | View
Red Hat Security Advisory 2023-3587-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3587-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 43f41563b68070aea3255c221916c4c5d91763f2b296be9c46f3a908bd29bba2
Download | Favorite | View
Red Hat Security Advisory 2023-3589-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3589-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | fab3400489369dca52168542dd65f0ae858bc7b74c29d8d258839848297494d7
Download | Favorite | View
Red Hat Security Advisory 2023-3590-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3590-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 1c13c6b69c6679c55b35c6cd797e4536f4c53384a8d8043be09fd21d66ba4074
Download | Favorite | View
Red Hat Security Advisory 2023-3562-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3562-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | e031b1d9ac3d9f8d741b9311f6c5adb5cb6ee172e17082c8fb86accbd30856dd
Download | Favorite | View
Red Hat Security Advisory 2023-3561-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3561-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 84b20333bf96e957ca4a1021a4cea77752bf0538d0c9e9f4ab8bc81ebfd16ff5
Download | Favorite | View
Red Hat Security Advisory 2023-3563-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3563-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 3c106b724d441b435a76e70e571625c9445fe94642d0c871b667155354c2915d
Download | Favorite | View
Red Hat Security Advisory 2023-3567-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3567-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 86989de3ea3c22b5d84ce6244ee4964d7baf1f9978c3ef3e3e2ae1938d52471a
Download | Favorite | View
Red Hat Security Advisory 2023-3560-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3560-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | c5553f60d776b95b4c1efa9c9d45972c2cb37707da84b434ad0462e11a0aab20
Download | Favorite | View
Red Hat Security Advisory 2023-3566-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3566-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 361553711b273bcfad067c2103c75995844b5cf30e939dad38d26e254785801f
Download | Favorite | View
Red Hat Security Advisory 2023-3565-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3565-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 40a95b3a2fe93bd61122f609278b22f874d2a80c5293385a2a25df06928f7661
Download | Favorite | View
Red Hat Security Advisory 2023-3564-01
Posted Jun 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3564-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 4285bcaa2639ed941e479ed52a31a96baeef0ee6f9d2380238b28762faee614f
Download | Favorite | View
Debian Security Advisory 5423-1
Posted Jun 12, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5423-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 39fd28a4e51cf92b07dc048ec4a3a557fdc8493c2998b7bbf52cfb0d34f5d018
Download | Favorite | View
Debian Security Advisory 5421-1
Posted Jun 8, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5421-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2023-34414, CVE-2023-34416
SHA-256 | 6215f41254a13b2b6677dbed490abae033a0665d1a96278abf15238bb06a67f6
Download | Favorite | View
Ubuntu Security Notice USN-6143-1
Posted Jun 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-34414, CVE-2023-34415, CVE-2023-34416, CVE-2023-34417
SHA-256 | bd9ffeca01911fb13e117e8a1a7783e4a6fcfb21b1709f4dca9749fb6a00db42
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close