what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

CVE-2023-4050

Status Candidate

Overview

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Related Files

Gentoo Linux Security Advisory 202402-25
Posted Feb 19, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2023-3417, CVE-2023-3600, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37208, CVE-2023-37211, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4051
SHA-256 | f6a33c383a67744f956589ebca1e53b97ec85a5c78492b16031da34f30606da1
Ubuntu Security Notice USN-6333-1
Posted Sep 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6333-1 - Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | de1cdeefaa54cbd5ac2ba23369fd0091cdef1507fcdebab7399ef5c6b2b74e13
Ubuntu Security Notice USN-6267-3
Posted Aug 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-3 - USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4050, CVE-2023-4056
SHA-256 | 7e86313999419f66e87b639480ef8ad7f3101a9bf1b0aef199979f717993c99a
Ubuntu Security Notice USN-6267-2
Posted Aug 8, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-2 - USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4050, CVE-2023-4056
SHA-256 | 5fb0b898aafa28294fb8ccc08119b1fe47db5b53b2d6374b96b0c7fd72049cca
Red Hat Security Advisory 2023-4497-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4497-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | d61b5c7d78b63321d596425b6dbd2d12c0485db110873f84a72928d225472381
Red Hat Security Advisory 2023-4499-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4499-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 11004ad86cf7fb706f246469662689fcf1317bb98536e467a4155cb6ca468dff
Red Hat Security Advisory 2023-4500-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4500-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | c4aa016d471135fe61ed27809f1c8264400e9a54fe3dd490f8bfd6a9a81641f0
Red Hat Security Advisory 2023-4495-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4495-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 3f082ad0422d2528b2b980547ea2bb899bc6c98fd777b949caaa3711c639c33f
Red Hat Security Advisory 2023-4496-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4496-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 2579416318f2418061883709534204a492c792cc999e151d20e73b1b16ba92d6
Red Hat Security Advisory 2023-4493-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4493-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 98e2b30eab8cfaa7e1b574708bd5698b5ca4c22bf7afc00cb6330e0e425da627
Red Hat Security Advisory 2023-4494-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4494-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 2858760e57b9ee1af6a5e94097dc3e02d02117c8cead120b74105220b40a4c27
Red Hat Security Advisory 2023-4492-01
Posted Aug 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4492-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2023-3417, CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 1734acf7582d70ac3c37e9313d4428dd8d6215908c5d07e27b67e4b96a1228c2
Debian Security Advisory 5469-1
Posted Aug 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5469-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | 017d91e72c61fc642ca3564dd8cd1290f874178ab081da60e057a9723723cfde
Debian Security Advisory 5464-1
Posted Aug 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5464-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056
SHA-256 | 3069629d3ef5bc6b0d21cfa08fe173ff4a81f30ad88de2fa86b9b678de047138
Red Hat Security Advisory 2023-4461-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4461-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | ddb2a0756d62f711c911cd8c4b53ad7d0583595b1b5733ac92ad7e20029e2119
Red Hat Security Advisory 2023-4460-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4460-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | da853f53a82d14aa2bf6fc0456ede116ae0d55b04dd25f09b987a52be2dee28d
Red Hat Security Advisory 2023-4469-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4469-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | fedb6843c2df2945faa516f0e6ccc48026ac649bba6f02632b4ee78c4aa19d07
Red Hat Security Advisory 2023-4468-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4468-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 90bccd1353096856931c18624a03cb99f6b57b04834b3cc97fc0816696183422
Red Hat Security Advisory 2023-4465-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4465-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | a019b3e199b89f00fa9182a0f5a598959d0916c04a6c55254c4367d942dcab56
Red Hat Security Advisory 2023-4464-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4464-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | aa026308e6a9261e67cef9327e9f20936d6c0b4a53e7536306ad485fb4b0021d
Red Hat Security Advisory 2023-4463-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4463-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 4ebfd9470307ee6efdcf1331c5c8cf44406bb65810dbd074149d73e2131a046d
Red Hat Security Advisory 2023-4462-01
Posted Aug 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4462-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | ac334472e16a49a84869d79eb012501d1c1db4b461779a5531bafd208158eebc
Ubuntu Security Notice USN-6267-1
Posted Aug 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6267-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-4045, CVE-2023-4046, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057
SHA-256 | 51b1cc97de6f469ebee1cb6c9eb78f96f74f91edddd7253d5beec2a0426b7fd1
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close