Gentoo update for Mozilla Firefox



| Updated: 2024-06-07
Risk Critical
Patch available YES
Number of vulnerabilities 58
CVE-ID CVE-2023-3482
CVE-2023-4058
CVE-2023-4579
CVE-2023-5129
CVE-2023-4863
CVE-2023-5170
CVE-2023-5172
CVE-2023-5173
CVE-2023-5175
CVE-2023-5722
CVE-2023-5723
CVE-2023-5729
CVE-2023-5731
CVE-2023-5758
CVE-2023-6135
CVE-2023-6210
CVE-2023-6211
CVE-2023-6213
CVE-2023-6856
CVE-2023-6857
CVE-2023-6858
CVE-2023-6859
CVE-2023-6860
CVE-2023-6861
CVE-2023-6862
CVE-2023-6863
CVE-2023-6864
CVE-2023-6865
CVE-2023-6866
CVE-2023-6867
CVE-2023-6868
CVE-2023-6869
CVE-2023-6870
CVE-2023-6871
CVE-2023-6872
CVE-2023-6873
CVE-2023-32205
CVE-2023-32206
CVE-2023-32207
CVE-2023-32208
CVE-2023-32209
CVE-2023-32210
CVE-2023-32211
CVE-2023-32212
CVE-2023-32213
CVE-2023-32214
CVE-2023-32215
CVE-2023-32216
CVE-2023-34414
CVE-2023-34415
CVE-2023-34416
CVE-2023-34417
CVE-2023-37203
CVE-2023-37204
CVE-2023-37205
CVE-2023-37206
CVE-2023-37209
CVE-2023-37210
CVE-2023-37212
CWE-ID CWE-254
CWE-119
CWE-20
CWE-122
CWE-401
CWE-416
CWE-787
CWE-200
CWE-451
CWE-79
CWE-203
CWE-264
CWE-450
CWE-124
CWE-758
CWE-457
CWE-755
CWE-284
CWE-357
CWE-532
CWE-125
CWE-400
CWE-843
CWE-939
CWE-61
Exploitation vector Network
Public exploit Vulnerability #4 is being exploited in the wild.
Vulnerable software
Gentoo Linux
Operating systems & Components / Operating system

www-client/firefox
Operating systems & Components / Operating system package or component

Vendor Gentoo

Security Bulletin

This security bulletin contains information about 58 vulnerabilities.

1) Security features bypass

EUVDB-ID: #VU77945

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-3482

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when Firefox is configured to block storage of all cookies. It is still possible to store data in localstorage by using an iframe with a source of 'about:blank'. A remote attacker can abuse such behavior to store tracking data without victim's permission.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU78858

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4058

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU80096

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4579

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to insufficient validation of user-supplied input when handling persistent search terms. Search queries in the default search engine can appear to have been the currently navigated URL if the search query itself is a well formed URL. As a result, a remote attacker can perform a spoofing attack if it had been maliciously set as the default search engine.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Heap-based buffer overflow

EUVDB-ID: #VU80637

Risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-5129,CVE-2023-4863

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing WebP images within libwebp library. A remote attacker can trick the victim to visit a malicious website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. The vulnerability affects all modern browsers that support WebP image processing.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

5) Memory leak

EUVDB-ID: #VU81130

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5170

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due memory leak during canvas rendering. A remote attacker can trick the victim to visit a specially crafted webpage, trigger memory leak of a privileged process by unexpectedly changing the surface and gain access to potentially sensitive information. This memory leak could be used to effect a sandbox escape if the correct data was leaked.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU81131

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5172

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Ion Engine. A remote attacker can trick the victim to open a specially crafted web page, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU81132

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5173

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can trick the victim to open a specially crafted HTML file to trigger an out-of-bounds write and execute arbitrary code on the target system.

The vulnerability affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU81133

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5175

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free ImageBitmap during process shutdown. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Information disclosure

EUVDB-ID: #VU82345

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5722

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to cross-origin size and header leakage. A remote attacker can learn the size of an opaque response using iterative requests.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU82346

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5723

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when handling invalid cookie characters. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Spoofing attack

EUVDB-ID: #VU82347

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5729

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

EUVDB-ID: #VU82348

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5731

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Cross-site scripting

EUVDB-ID: #VU82355

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5758

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when opening a page in reader mode. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Observable discrepancy

EUVDB-ID: #VU84568

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6135

CWE-ID: CWE-203 - Observable discrepancy

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a side-channel attack in multiple NSS NIST curves, known as "Minerva". A remote attacker can recover the private key and decrypt data passed between server and client.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU83374

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6210

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to application does not properly impose security restrictions. When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content, such as iframes from insecure http: URLs.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Multiple Interpretations of UI Input

EUVDB-ID: #VU83375

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6211

CWE-ID: CWE-450 - Multiple Interpretations of UI Input

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform clickjacking attack.

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU83376

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6213

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Heap-based buffer overflow

EUVDB-ID: #VU84557

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6856

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the WebGL DrawElementsInstanced method when used on systems with the Mesa VM driver. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Buffer Underwrite ('Buffer Underflow')

EUVDB-ID: #VU84559

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6857

CWE-ID: CWE-124 - Buffer Underwrite ('Buffer Underflow')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an error when handling symbolic links. A local user can trigger a race when the browser resolves a symbolic link, where the buffer passed to readlink may actually be smaller than necessary. A local user can gain access to potentially sensitive information.

The vulnerability affects Unix based operating systems only (e.g. Android, Linux, MacOS).

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Heap-based buffer overflow

EUVDB-ID: #VU84560

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6858

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in nsTextFragment when handling out-of-memory situations. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap overflow and crash the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU84561

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6859

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in PR_GetIdentitiesLayer when creating the TLS socket. A remote attacker can trick the victim to visit a specially crafted website and crash the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Security features bypass

EUVDB-ID: #VU84562

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6860

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to VideoBridge lack of texture validation. A remote attacker can trick the victim to open a specially crafted website, escape the sandbox and gain access to sensitive information.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Heap-based buffer overflow

EUVDB-ID: #VU84564

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6861

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the nsWindow::PickerOpen(void) method when the browser is running in headless mode. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU84565

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6862

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the browser.

The vulnerability exists due to a use-after-free error in nsDNSService::Init during browser startup. A remote attacker with control over the DNS server can cause the browser to crash.


Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Reliance on undefined behavior

EUVDB-ID: #VU84566

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6863

CWE-ID: CWE-758 - Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to reliance on undefined behavior in ShutdownObserver(). A remote attacker can crash the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Buffer overflow

EUVDB-ID: #VU84567

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6864

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use of Uninitialized Variable

EUVDB-ID: #VU84558

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6865

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to access to uninitialized data in EncryptingOutputStream. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and write data to a local disk, which may have implications for private browsing mode.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper handling of exceptional conditions

EUVDB-ID: #VU84569

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6866

CWE-ID: CWE-755 - Improper Handling of Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper handling of errors in TypedArrays. A remote attacker can trick the victim to open a specially crafted website and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Multiple Interpretations of UI Input

EUVDB-ID: #VU84563

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6867

CWE-ID: CWE-450 - Multiple Interpretations of UI Input

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to a timing issue when the user clicks on a button. The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. A remote attacker can perform clickjacking attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Improper access control

EUVDB-ID: #VU84570

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6868

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Multiple Interpretations of UI Input

EUVDB-ID: #VU84571

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6869

CWE-ID: CWE-450 - Multiple Interpretations of UI Input

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when displaying browser content. A <dialog> element can be manipulated to paint content outside of a sandboxed iframe, which could allow untrusted content to display under the guise of trusted content.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU84572

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6870

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when handling Toast notifications. Applications which spawn a Toast notification in a background thread can obscure fullscreen notifications displayed by the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU84573

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6871

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to lack of protocol handler warning when navigating to a new protocol handler. A remote attacker can perform spoofing attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU84574

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6872

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to Browser tab titles are leaked by GNOME to system logs. A local user can read the log files and gain access to sensitive data.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Buffer overflow

EUVDB-ID: #VU84575

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6873

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Spoofing attack

EUVDB-ID: #VU75874

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32205

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A remote attacker can obscure browser prompts and perform spoofing attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Out-of-bounds read

EUVDB-ID: #VU75875

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32206

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the RLBox Expat driver. A remote attacker can trick the victim to open a specially crafted website, trigger an out-of-bounds read error and crash the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Security features bypass

EUVDB-ID: #VU75876

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32207

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to a missing delay in popup notifications. A remote attacker can trick a victim into granting permissions.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Information disclosure

EUVDB-ID: #VU75877

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32208

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to Firefox leaks the script base URL in service workers due to dynamic import() call. A remote attacker can access to sensitive information.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Resource exhaustion

EUVDB-ID: #VU75878

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32209

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when processing favicon image. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU75879

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32210

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to documents incorrectly assume an ordering of principal objects. A remote attacker can cause a document to be loaded with a higher privileged principal than intended.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Type Confusion

EUVDB-ID: #VU75880

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32211

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error when processing HTML content. A remote attacker can trick the victim to open a specially crafted website, trigger a type confusion error and crash the browser.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Spoofing attack

EUVDB-ID: #VU75881

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32212

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A remote attacker can spoof the address bar using the datalist element.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Buffer overflow

EUVDB-ID: #VU75882

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32213

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within FileReader::DoReadData() when reading a file. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Improper Authorization in Handler for Custom URL Scheme

EUVDB-ID: #VU75883

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32214

CWE-ID: CWE-939 - Improper Authorization in Handler for Custom URL Scheme

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the browser.

The vulnerability exists due to incorrect processing of the ms-cxh and ms-cxh-full handlers. A remote attacker can trick the victim to visit a specially crafted web page and crash the browser.

Note, the vulnerability affects Windows installations only.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Buffer overflow

EUVDB-ID: #VU75884

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32215

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Buffer overflow

EUVDB-ID: #VU75885

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32216

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Spoofing attack

EUVDB-ID: #VU77002

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34414

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when displaying certificate exceptions. The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed.

With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Security features bypass

EUVDB-ID: #VU77003

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34415

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the way Firefox loads documents from a "data:" URL that was the result of a redirect. A remote attacker can trick the victim to open a specially crafted URL and bypass site-isolation protections against Spectre-like attacks.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Buffer overflow

EUVDB-ID: #VU77004

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34416

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Buffer overflow

EUVDB-ID: #VU77005

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34417

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Input validation error

EUVDB-ID: #VU77946

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37203

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation in the Drag and Drop API. A remote attacker trick the victim into creating a shortcut to local system files and leverage the Drag and Drop API behavior to execute arbitrary code.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU77947

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37204

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the way fullscreen notifications are handled within the browser. A remote attacker can obscure the fullscreen notification by using an option element by introducing lag via an expensive computational function and perform spoofing attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Spoofing attack

EUVDB-ID: #VU77948

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37205

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when processing RTL Arabic characters in the address bar. A remote attacker can spoof URL in the address bar.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) UNIX symbolic link following

EUVDB-ID: #VU77949

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37206

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a symlink following issue in the FileSystem API. A remote attacker can trick the victim into uploading a file, which contain a symlink to a critical file, and gain access to potentially sensitive information.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Use-after-free

EUVDB-ID: #VU77950

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37209

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in NotifyOnHistoryReload. A remote attacker can trick the victim to visit a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU77951

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37210

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the way the browser exists the fullscreen mode. A remote attacker can prevent a user from exiting full-screen mode via alert and prompt calls and perform spoofing attack.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Buffer overflow

EUVDB-ID: #VU77952

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-37212

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to visit a malicious website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected packages.
www-client/firefox to version:
www-client/firefox-bin to version:

Vulnerable software versions

Gentoo Linux: All versions

www-client/firefox: before 104

CPE2.3 External links

http://security.gentoo.org/glsa/202401-10


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###