Showing 1 - 22 of 22

CVE-2023-34414

Status Candidate

Overview

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.

Related Files

Gentoo Linux Security Advisory 202401-10: Posted Jan 8, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202401-10 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution. Versions greater than or equal to 115.6.0:esr are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32214, CVE-2023-32215, CVE-2023-32216, CVE-2023-34414, CVE-2023-34415; SHA-256 | 53bf0705601dd338f28fb099f702f849b8f5d0320d2b9b985d789952f2af0b42; Download | Favorite | View

Gentoo Linux Security Advisory 202312-03: Posted Dec 20, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202312-3 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 102.12 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32214, CVE-2023-32215, CVE-2023-34414, CVE-2023-34416; SHA-256 | f8ac609d52968c33edb33a5473d56980c6903abb5b1b5579ef50801f710c46bf; Download | Favorite | View

Ubuntu Security Notice USN-6214-1: Posted Jul 11, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-34414, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208; SHA-256 | 632510b7ad5f4bba744eb7afbe58717906b3533fa418bcf6ffd3dc64704f32f6; Download | Favorite | View

Red Hat Security Advisory 2023-3596-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3596-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | f74f8e473607e01802dc7fd29e5994466a71002a4ee48365cbdbf3a905060af3; Download | Favorite | View

Red Hat Security Advisory 2023-3578-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3578-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 53ec15598e5617bd329d3ed848abf54795791303f49b177a799c8ced01c92ea7; Download | Favorite | View

Red Hat Security Advisory 2023-3588-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3588-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | fe99756595d95191f33566b3abdaf7c33e6b8b7f452e7501a97a83a5e99b3db1; Download | Favorite | View

Red Hat Security Advisory 2023-3597-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3597-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 3ca3cbfc0f3e5ec74e169e48c487ba543ab8cb86c501e6fa6d73645c8492b58f; Download | Favorite | View

Red Hat Security Advisory 2023-3579-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3579-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 65c401e15d158771452c6c523f7ddb45659d4738d75cf6ae20618bfe6d5f6330; Download | Favorite | View

Red Hat Security Advisory 2023-3587-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3587-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 43f41563b68070aea3255c221916c4c5d91763f2b296be9c46f3a908bd29bba2; Download | Favorite | View

Red Hat Security Advisory 2023-3589-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3589-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | fab3400489369dca52168542dd65f0ae858bc7b74c29d8d258839848297494d7; Download | Favorite | View

Red Hat Security Advisory 2023-3590-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3590-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 1c13c6b69c6679c55b35c6cd797e4536f4c53384a8d8043be09fd21d66ba4074; Download | Favorite | View

Red Hat Security Advisory 2023-3562-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3562-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | e031b1d9ac3d9f8d741b9311f6c5adb5cb6ee172e17082c8fb86accbd30856dd; Download | Favorite | View

Red Hat Security Advisory 2023-3561-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3561-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 84b20333bf96e957ca4a1021a4cea77752bf0538d0c9e9f4ab8bc81ebfd16ff5; Download | Favorite | View

Red Hat Security Advisory 2023-3563-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3563-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 3c106b724d441b435a76e70e571625c9445fe94642d0c871b667155354c2915d; Download | Favorite | View

Red Hat Security Advisory 2023-3567-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3567-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 86989de3ea3c22b5d84ce6244ee4964d7baf1f9978c3ef3e3e2ae1938d52471a; Download | Favorite | View

Red Hat Security Advisory 2023-3560-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3560-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | c5553f60d776b95b4c1efa9c9d45972c2cb37707da84b434ad0462e11a0aab20; Download | Favorite | View

Red Hat Security Advisory 2023-3566-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3566-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 361553711b273bcfad067c2103c75995844b5cf30e939dad38d26e254785801f; Download | Favorite | View

Red Hat Security Advisory 2023-3565-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3565-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 40a95b3a2fe93bd61122f609278b22f874d2a80c5293385a2a25df06928f7661; Download | Favorite | View

Red Hat Security Advisory 2023-3564-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3564-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 4285bcaa2639ed941e479ed52a31a96baeef0ee6f9d2380238b28762faee614f; Download | Favorite | View

Debian Security Advisory 5423-1: Posted Jun 12, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5423-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 39fd28a4e51cf92b07dc048ec4a3a557fdc8493c2998b7bbf52cfb0d34f5d018; Download | Favorite | View

Debian Security Advisory 5421-1: Posted Jun 8, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5421-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.; tags | advisory, web, arbitrary; systems | linux, debian; advisories | CVE-2023-34414, CVE-2023-34416; SHA-256 | 6215f41254a13b2b6677dbed490abae033a0665d1a96278abf15238bb06a67f6; Download | Favorite | View

Ubuntu Security Notice USN-6143-1: Posted Jun 7, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-34414, CVE-2023-34415, CVE-2023-34416, CVE-2023-34417; SHA-256 | bd9ffeca01911fb13e117e8a1a7783e4a6fcfb21b1709f4dca9749fb6a00db42; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 86 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
indoushka 5 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,456)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,351)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,673)
UNIX (9,429)
UnixWare (187)
Windows (6,667)
Other

CVE-2023-34414

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems