SB2024021904 - Gentoo update for Mozilla Thunderbird

Published: February 19, 2024

Security Bulletin ID: SB2024021904
Severity: High
Patch available: YES
Number of vulnerabilities: 72
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 43% Medium 26% Low 31%

Description

This security bulletin contains information about 72 security vulnerabilities.


1) Spoofing attack (CVE-ID: CVE-2023-3417)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of the Text Direction Override Unicode Character in filenames. A remote attacker can show a potentially dangerous email attachment as a document file.


2) Use-after-free (CVE-ID: CVE-2023-3600)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error during the worker lifecycle when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


3) Origin validation error (CVE-ID: CVE-2023-4045)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper tracking of cross-origin tainting in Offscreen Canvas. A remote attacker can violate the same-origin policy and access image data from another website.


4) State Issues (CVE-ID: CVE-2023-4046)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to the use of incorrect values during WASM compilation, which results in a state value being used for a global variable in WASM JIT analysis in the content process. A remote attacker can trick the victim into opening a malicious web page and execute arbitrary code on the system.


5) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-4047)

The vulnerability allows a remote attacker to perform clickjacking attacks.

The vulnerability exists due to an error in popup notifications delay calculation. A remote attacker can trick the victim into granting permissions.


6) Resource exhaustion (CVE-ID: CVE-2023-4048)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources when parsing HTML with DOMParser. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


7) Use-after-free (CVE-ID: CVE-2023-4049)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error when releasing platform objects. A remote attacker can trick the victim into opening a specially crafted web page, trigger a race condition and execute arbitrary code.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


8) Stack-based buffer overflow (CVE-ID: CVE-2023-4050)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in StorageManager when processing an untrusted input stream. A remote attacker can trick the victim into opening a specially crafted website, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


9) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-4051)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to an error when displaying the full screen notification by using the file open dialog. A remote attacker can trick the victim into clicking on the file open dialog and perform a spoofing attack.


10) Insecure Inherited Permissions (CVE-ID: CVE-2023-4052)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the Firefox uninstaller follows symbolic links when removing files from a directory created by the application updater that is writable by non-privileged users. A local user can create symbolic links to critical files on the system and delete them when uninstalling Firefox.

Note, the vulnerability affects Windows installations only.


11) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-4053)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to an error when handling full screen notifications. A malicious website can obscure the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL, and perform a spoofing attack.


12) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-4054)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a missing warning when opening appref-ms files. A remote attacker can trick the victim into opening a malicious appref-ms file and compromise the affected system.

Note, the vulnerability affects Windows installations only.


13) State Issues (CVE-ID: CVE-2023-4055)

The vulnerability allows a remote attacker to tamper with HTTP requests.

The vulnerability exists due to a cookie jar overflow when the number of cookies per domain was exceeded in document.cookie. A remote attacker can tamper with HTTP requests and force the browser to send requests with some cookies missing.


14) Buffer overflow (CVE-ID: CVE-2023-4056)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


15) Buffer overflow (CVE-ID: CVE-2023-4057)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


16) Use-after-free (CVE-ID: CVE-2023-4573)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in IPC CanvasTranslator. A remote attacker can trick the victim into opening a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


17) Use-after-free (CVE-ID: CVE-2023-4574)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in IPC ColorPickerShownCallback. A remote attacker can trick the victim into opening a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


18) Use-after-free (CVE-ID: CVE-2023-4575)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in IPC FilePickerShownCallback. A remote attacker can trick the victim into opening a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


19) Integer overflow (CVE-ID: CVE-2023-4576)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an integer overflow in RecordedSourceSurfaceCreation. A remote attacker can trick the victim into visiting a specially crafted website, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Note, the vulnerability affects Firefox installations on Windows only.


20) Buffer overflow (CVE-ID: CVE-2023-4577)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in JIT UpdateRegExpStatics when UpdateRegExpStatics attempted to access initialStringHeap. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


21) Resource exhaustion (CVE-ID: CVE-2023-4578)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources in JS::CheckRegExpSyntax. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


22) Cleartext storage of sensitive information (CVE-ID: CVE-2023-4580)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists because push notifications are saved to disk unencrypted. A local user can gain access to potentially sensitive information.


23) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-4581)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing warning when downloading Excel .xll add-in files. A remote attacker can trick the victim into visiting a specially crafted website and force the browser to download potentially dangerous files without any warning.


24) Buffer overflow (CVE-ID: CVE-2023-4582)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WebGL glGetProgramiv. A remote attacker can trick the victim into opening a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Note, the vulnerability affects only Firefox installations on macOS.


25) Information disclosure (CVE-ID: CVE-2023-4583)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because private session data is not cleared in HttpBaseChannel when closing a private window. A remote attacker can obtain information from the uncleared session.


26) Buffer overflow (CVE-ID: CVE-2023-4584)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


27) Buffer overflow (CVE-ID: CVE-2023-4585)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


28) Out-of-bounds write (CVE-ID: CVE-2023-5168)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in FilterNodeD2D1. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds write and execute arbitrary code on the target system.


29) Out-of-bounds write (CVE-ID: CVE-2023-5169)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in PathOps. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds write and execute arbitrary code on the target system.


30) Use-after-free (CVE-ID: CVE-2023-5171)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error during Ion compilation. A remote attacker can trick the victim into visiting a specially crafted webpage, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


31) Double Free (CVE-ID: CVE-2023-5174)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when spawning processes on Windows. A remote attacker can trigger a double free error and execute arbitrary code on the target system.

Note, the vulnerability affects Firefox installations on Windows when running in a non-standard configuration, such as when using "runas".


32) Buffer overflow (CVE-ID: CVE-2023-5176)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


33) Spoofing attack (CVE-ID: CVE-2023-5721)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of queued up rendering. A remote attacker can perform a spoofing attack by activating or dismissing certain browser prompts and dialogs.


34) Resource management error (CVE-ID: CVE-2023-5724)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in WebGL. A remote attacker can trick the victim into opening a specially crafted website and perform a denial of service (DoS) attack.


35) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-5725)

The vulnerability allows a malicious extension to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in WebExtension, which can open arbitrary URLs. A malicious extension can collect sensitive user data.


36) Spoofing attack (CVE-ID: CVE-2023-5726)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when handling fullscreen notifications by the file opening dialog. A remote attacker can perform a spoofing attack.

Note, the vulnerability affects macOS installations only.


37) Security features bypass (CVE-ID: CVE-2023-5727)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing executable file warning when downloading .msix, .msixbundle, .appx, and .appxbundle files. A remote attacker can trick the victim into executing the files and compromise the affected system.

The vulnerability affects Windows installations only.


38) Buffer overflow (CVE-ID: CVE-2023-5728)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper object tracking during garbage collection. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


39) Buffer overflow (CVE-ID: CVE-2023-5730)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


40) Spoofing attack (CVE-ID: CVE-2023-5732)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data when handling bidirectional characters. A remote attacker can spoof the browser address bar.


41) Out-of-bounds write (CVE-ID: CVE-2023-6204)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content in WebGL2 blitFramebuffer. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.


42) Use-after-free (CVE-ID: CVE-2023-6205)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in the MessagePort::Entangled() method. A remote attacker can trick the victim into opening a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


43) Multiple Interpretations of UI Input (CVE-ID: CVE-2023-6206)

The vulnerability allows a remote attacker to perform a clickjacking attack.

The vulnerability exists because the black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. A remote attacker can perform a clickjacking attack and trick the victim into pressing the permissions grant button.


44) Use-after-free (CVE-ID: CVE-2023-6207)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in the ReadableByteStreamQueueEntry::Buffer() method. A remote attacker can trick the victim into opening a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


45) Information disclosure (CVE-ID: CVE-2023-6208)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists because the Selection API copies text by mistake into the primary selection, a temporary storage not unlike the clipboard, when used on X11. A local user can gain access to potentially sensitive information.

Note, the vulnerability affects only Firefox installations on X11.


46) Input validation error (CVE-ID: CVE-2023-6209)

The vulnerability allows a remote attacker to manipulate data on websites.

The vulnerability exists due to insufficient validation of user-supplied input when parsing relative URLs that start with a triple slash, e.g. "///". A remote attacker can use a path-traversal "/../" part in the path to override the specified host.


47) Memory corruption (CVE-ID: CVE-2023-6212)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.


48) Heap-based buffer overflow (CVE-ID: CVE-2023-6856)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the WebGL DrawElementsInstanced method when used on systems with the Mesa VM driver. A remote attacker can trick the victim into visiting a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


49) Buffer Underwrite ('Buffer Underflow') (CVE-ID: CVE-2023-6857)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an error when handling symbolic links. A local user can trigger a race when the browser resolves a symbolic link, where the buffer passed to readlink may actually be smaller than necessary. A local user can gain access to potentially sensitive information.

The vulnerability affects Unix-based operating systems only (e.g. Android, Linux, macOS).


50) Heap-based buffer overflow (CVE-ID: CVE-2023-6858)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in nsTextFragment when handling out-of-memory situations. A remote attacker can trick the victim into visiting a specially crafted website, trigger a heap overflow and crash the browser.


51) Use-after-free (CVE-ID: CVE-2023-6859)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in PR_GetIdentitiesLayer when creating the TLS socket. A remote attacker can trick the victim into visiting a specially crafted website and crash the browser.


52) Security features bypass (CVE-ID: CVE-2023-6860)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a lack of texture validation in VideoBridge. A remote attacker can trick the victim into opening a specially crafted website, escape the sandbox and gain access to sensitive information.


53) Heap-based buffer overflow (CVE-ID: CVE-2023-6861)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the nsWindow::PickerOpen(void) method when the browser is running in headless mode. A remote attacker can trick the victim into visiting a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


54) Use-after-free (CVE-ID: CVE-2023-6862)

The vulnerability allows a remote attacker to crash the browser.

The vulnerability exists due to a use-after-free error in nsDNSService::Init during browser startup. A remote attacker with control over the DNS server can cause the browser to crash.



55) Reliance on undefined behavior (CVE-ID: CVE-2023-6863)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to reliance on undefined behavior in ShutdownObserver(). A remote attacker can crash the browser.


56) Buffer overflow (CVE-ID: CVE-2023-6864)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


57) Use-after-free (CVE-ID: CVE-2023-37201)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in WebRTC. A remote attacker can trick the victim into visiting a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


58) Use-after-free (CVE-ID: CVE-2023-37202)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error in Cross-compartment wrappers. A remote attacker can trick the victim into opening a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


59) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-37207)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to the way fullscreen notifications are handled within the browser. A remote attacker can trick the victim into visiting a specially crafted website that can obscure the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL, and perform a spoofing attack.


60) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-37208)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to a missing warning when opening Diagcab files. A remote attacker can trick the victim into downloading a malicious Diagcab file and compromise the affected system.


61) Buffer overflow (CVE-ID: CVE-2023-37211)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


62) Spoofing attack (CVE-ID: CVE-2023-50761)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time.


63) Spoofing attack (CVE-ID: CVE-2023-50762)

The vulnerability allows a remote attacker to spoof email content.

The vulnerability exists due to incorrect processing of user-supplied data. When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed Git commit, could be used to spoof an email message.


64) Out-of-bounds write (CVE-ID: CVE-2024-0741)

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists due to a boundary error in ANGLE when processing untrusted input. A remote attacker can trick the victim into opening a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.


65) Security features bypass (CVE-ID: CVE-2024-0742)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a failure to update the user input timestamp for certain browser prompts and dialogs. A remote attacker can perform a clickjacking attack and trick the victim into providing unintended permissions to a malicious website.


66) Reachable Assertion (CVE-ID: CVE-2024-0746)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when listing pointers on Linux. A remote attacker can trick the victim into opening the print preview dialog and crash the browser.


67) Security features bypass (CVE-ID: CVE-2024-0747)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in the way the Content Security Policy handles the unsafe-inline directive. When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy.


68) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-0749)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists because the application does not properly impose security restrictions. A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar.


69) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2024-0750)

The vulnerability allows a remote attacker to perform a clickjacking attack.

The vulnerability exists due to an error in popup notifications delay calculation. A remote attacker can perform a clickjacking attack and trick a user into granting permissions to a malicious web application.


70) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-0751)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists because the application does not properly impose security restrictions. A malicious devtools extension could have been used to escalate privileges.


71) Security features bypass (CVE-ID: CVE-2024-0753)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when handling HSTS on a subdomain. In specific HSTS configurations an attacker could have bypassed HSTS.


72) Buffer overflow (CVE-ID: CVE-2024-0755)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


Remediation

Install the update from the vendor's website.