| VID |
28950 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Firefox installed on the remote Windows host is prior to 121.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-56 advisory.
- The WebGL <code>DrawElementsInstanced</code> method was susceptible to a heap buffer overflow when used onsystems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution andsandbox escape. (CVE-2023-6856)
- Multiple NSS NIST curves were susceptible to a side-channel attack known as Minerva. This attack couldpotentially allow an attacker to recover the private key. (CVE-2023-6135)
- <code>EncryptingOutputStream</code> was susceptible to exposing uninitialized data. This issue could onlybe abused in order to write data to a local disk which may have implications for private browsing mode. (CVE-2023-6865)
- When resolving a symlink, a race may occur where the buffer passed to <code>readlink</code> may actuallybe smaller than necessary. This bug only affects Firefox on Unix-based operating systems (Android, Linux,MacOS). Windows is unaffected. (CVE-2023-6857)
- Firefox was susceptible to a heap buffer overflow in <code>nsTextFragment</code> due to insufficient OOMhandling. (CVE-2023-6858)
- A use-after-free condition affected TLS socket creation when under memory pressure. (CVE-2023-6859)
- TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIswhich expect TypedArrays to always succeed. (CVE-2023-6866)
- The <code>VideoBridge</code> allowed any content process to use textures produced by remote decoders. Thiscould be abused to escape the sandbox. (CVE-2023-6860)
- The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luringthem to click where the permission grant button would be about to appear. (CVE-2023-6867)
* References:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
* Platforms Affected:
Mozilla Foundation, Firefox versions prior to 121.0
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Firefox (121.0 or later), available from the Mozilla Web site at http://www.mozilla.com/firefox/ |
| Related URL |
CVE-2023-6856,CVE-2023-6135,CVE-2023-6865,CVE-2023-6857,CVE-2023-6858,CVE-2023-6859,CVE-2023-6866,CVE-2023-6860,CVE-2023-6867 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
