exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

CVE-2023-28164

Status Candidate

Overview

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

Related Files

Red Hat Security Advisory 2023-1479-01
Posted Mar 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1479-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-0767, CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | f8d79d3bdce21e3df66b2991b5745ddf3b6bd31b8d8e621519f240fc125bfaaf
Ubuntu Security Notice USN-5972-1
Posted Mar 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5972-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Lukas Bernhard discovered that Thunderbird did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25751, CVE-2023-28164, CVE-2023-28176
SHA-256 | e5f3cee46373b48c3b21ce235d96b3a6bd98f17beb54b9cc7bfaf5a94b2aa79c
Ubuntu Security Notice USN-5954-2
Posted Mar 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5954-2 - USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service. Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploits this to obtain sensitive information. Luan Herrera discovered that Firefox did not properly manage cross-origin iframe when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on the local files came from different sources.

tags | advisory, web, denial of service, arbitrary, local, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28160, CVE-2023-28161, CVE-2023-28164
SHA-256 | 7ead7bb25c8c04a52256d67d583dcbfffb6725d38ac5236d51297e2bc3a0492a
Red Hat Security Advisory 2023-1472-01
Posted Mar 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1472-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 776a0f0efd14e70f1911a7c1ad17156ab4e6f13933fad598686fe497c91708e9
Red Hat Security Advisory 2023-1445-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1445-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | b5ac70b03a1cebcf5836420d28252731628b1307cfeebc0212f1f57dc997edea
Red Hat Security Advisory 2023-1444-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1444-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 3aec57dfd00331840c6fc6604cc31a67a6fc93a718cb749b44a9291a9f2b1257
Red Hat Security Advisory 2023-1442-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1442-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 4d84e48cc4e2c68c53224e1707a712b7101644b8b65674dcca5966bb5ca76260
Red Hat Security Advisory 2023-1443-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1443-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 04e2f729cf479cb0d1407e9abd5ee1387ad8f962ff0d530413d243d80d590abf
Red Hat Security Advisory 2023-1404-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1404-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 2012cd67ecebb029cdad5dc1c2cb47085fa814ec6980eccca363cc32212a9859
Red Hat Security Advisory 2023-1367-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1367-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 65c3f08860fc7680853e89411cd82b0805f3d817bab1222d40db06d9ef25b87f
Red Hat Security Advisory 2023-1407-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1407-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 1ff3740e2233239cb3012e114571da82aa1a4bda1543c4dfd3a947daef7f9146
Red Hat Security Advisory 2023-1403-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1403-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 23adf91cc80dbe5df6852c0bbada70ef6bf48d21a5d64963b994d567025b077e
Red Hat Security Advisory 2023-1401-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1401-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | bc23d1e2b5f9fe2b12cf224299b73269ca23023010a60aace7af880776d87fdf
Red Hat Security Advisory 2023-1364-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1364-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 473eea26c1a586531eebe16318c8f8d90bcbf8195525d83f699eaac496de3755
Red Hat Security Advisory 2023-1402-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1402-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 43a05c763064608678c6880c872db2fbbbc03721ebfb43aa1b1c2b2d262664d5
Red Hat Security Advisory 2023-1337-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1337-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 01685704d18bf8183e32963ac3cb4e6e6ada557566263ae85054a1685e47ea16
Red Hat Security Advisory 2023-1333-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1333-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 11bf472412d2db2d3f57abb184b5ce07a20f6a34d31fd9acb63e37142f3833e5
Red Hat Security Advisory 2023-1336-01
Posted Mar 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1336-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | c7cd62e9be26e368dcce7e0d1976e0a8615ec3f69dfadaf4a6825860dca8fda7
Debian Security Advisory 5375-1
Posted Mar 17, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | 943bb672c5f5a142c518592167667218e9e53d058b0660c6d0458c7636cb77ca
Ubuntu Security Notice USN-5954-1
Posted Mar 16, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5954-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploits this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25750, CVE-2023-25751, CVE-2023-25752, CVE-2023-28160, CVE-2023-28161, CVE-2023-28162, CVE-2023-28164, CVE-2023-28177
SHA-256 | 9a904798e7771b7468e2663f1514597410be79efd31e38ffa22747567f7a3706
Debian Security Advisory 5374-1
Posted Mar 16, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5374-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

tags | advisory, web, arbitrary, spoof
systems | linux, debian
advisories | CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176
SHA-256 | ef900a452c188015da475ec656d55f96626688e7c22638f3904a9534481df7d1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close