Main Vulnerability Database Vulnerabilities #VU73678

#VU73678 Information disclosure in Mozilla Firefox and Firefox for Android - CVE-2023-25750

Published: March 14, 2023

Vulnerability identifier: #VU73678

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-25750

CWE-ID: CWE-200

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox
Firefox for Android

Software vendor:
Mozilla

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to an unspecified error, which can cause the ServiceWorker's offline cache to be leaked to the file system when using private browsing mode. As a result, an attacker can gain unauthorized access to sensitive information on the system.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/

#VU73678 Information disclosure in Mozilla Firefox and Firefox for Android - CVE-2023-25750

Description

Remediation

External links

Please verify you're human