ISHACK AI BOT

MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5727) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/30/2025 Description The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) mozilla-thunderbird-upgrade-115_4_1 References https://attackerkb.com/topics/cve-2023-5727 CVE - 2023-5727 http://www.mozilla.org/security/announce/2023/mfsa2023-47.html

MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5726) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/28/2025 Description A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) mozilla-thunderbird-upgrade-115_4_1 References https://attackerkb.com/topics/cve-2023-5726 CVE - 2023-5726 http://www.mozilla.org/security/announce/2023/mfsa2023-47.html

MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5721) Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/28/2025 Description It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) mozilla-thunderbird-upgrade-115_4_1 References https://attackerkb.com/topics/cve-2023-5721 CVE - 2023-5721 http://www.mozilla.org/security/announce/2023/mfsa2023-47.html

MFSA2023-45 Firefox: Security Vulnerabilities fixed in Firefox 119 (CVE-2023-5722) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/28/2025 Description Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119. Solution(s) mozilla-firefox-upgrade-119_0 References https://attackerkb.com/topics/cve-2023-5722 CVE - 2023-5722 http://www.mozilla.org/security/announce/2023/mfsa2023-45.html

Ubuntu: USN-6450-1 (CVE-2023-5363): OpenSSL vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/30/2025 Description Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths.This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established.Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values.The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality.For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception.However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue. Solution(s) ubuntu-upgrade-libssl3 References https://attackerkb.com/topics/cve-2023-5363 CVE - 2023-5363 USN-6450-1

MFSA2023-47 Thunderbird: Security Vulnerabilities fixed in Thunderbird 115.4.1 (CVE-2023-5732) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/28/2025 Description An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) mozilla-thunderbird-upgrade-115_4_1 References https://attackerkb.com/topics/cve-2023-5732 CVE - 2023-5732 http://www.mozilla.org/security/announce/2023/mfsa2023-47.html

Alpine Linux: CVE-2023-5721: Improper Restriction of Rendered UI Layers or Frames Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-5721 CVE - 2023-5721 https://security.alpinelinux.org/vuln/CVE-2023-5721

Alpine Linux: CVE-2023-5726: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-5726 CVE - 2023-5726 https://security.alpinelinux.org/vuln/CVE-2023-5726

Alpine Linux: CVE-2023-5728: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird alpine-linux-upgrade-mozjs115 References https://attackerkb.com/topics/cve-2023-5728 CVE - 2023-5728 https://security.alpinelinux.org/vuln/CVE-2023-5728

Alpine Linux: CVE-2023-5729: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119. Solution(s) alpine-linux-upgrade-firefox References https://attackerkb.com/topics/cve-2023-5729 CVE - 2023-5729 https://security.alpinelinux.org/vuln/CVE-2023-5729

Alpine Linux: CVE-2023-5730: Out-of-bounds Write Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-5730 CVE - 2023-5730 https://security.alpinelinux.org/vuln/CVE-2023-5730

Alpine Linux: CVE-2023-5727: Vulnerability in Multiple Components Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-5727 CVE - 2023-5727 https://security.alpinelinux.org/vuln/CVE-2023-5727

Alpine Linux: CVE-2023-5725: Vulnerability in Multiple Components Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 10/24/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) alpine-linux-upgrade-firefox-esr alpine-linux-upgrade-firefox alpine-linux-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-5725 CVE - 2023-5725 https://security.alpinelinux.org/vuln/CVE-2023-5725

Alpine Linux: CVE-2023-5568: Out-of-bounds Write Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/24/2023 Created 03/22/2024 Added 03/26/2024 Modified 04/09/2024 Description A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. Solution(s) alpine-linux-upgrade-samba References https://attackerkb.com/topics/cve-2023-5568 CVE - 2023-5568 https://security.alpinelinux.org/vuln/CVE-2023-5568

MFSA2023-46 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.4 (CVE-2023-5728) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/24/2023 Created 10/26/2023 Added 10/25/2023 Modified 01/28/2025 Description During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Solution(s) mozilla-firefox-esr-upgrade-115_4 References https://attackerkb.com/topics/cve-2023-5728 CVE - 2023-5728 http://www.mozilla.org/security/announce/2023/mfsa2023-46.html

VMware Photon OS: CVE-2023-45802 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-45802 CVE - 2023-45802

VMware Photon OS: CVE-2023-43622 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-43622 CVE - 2023-43622

SUSE: CVE-2023-31122: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 11/15/2023 Added 11/14/2023 Modified 01/28/2025 Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Solution(s) suse-upgrade-apache2 suse-upgrade-apache2-devel suse-upgrade-apache2-doc suse-upgrade-apache2-event suse-upgrade-apache2-example-pages suse-upgrade-apache2-prefork suse-upgrade-apache2-tls13 suse-upgrade-apache2-tls13-devel suse-upgrade-apache2-tls13-doc suse-upgrade-apache2-tls13-example-pages suse-upgrade-apache2-tls13-prefork suse-upgrade-apache2-tls13-utils suse-upgrade-apache2-tls13-worker suse-upgrade-apache2-utils suse-upgrade-apache2-worker References https://attackerkb.com/topics/cve-2023-31122 CVE - 2023-31122

Debian: CVE-2023-5633: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 10/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-5633 CVE - 2023-5633

VMware Photon OS: CVE-2023-31122 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-31122 CVE - 2023-31122

Debian: CVE-2023-45802: apache2 -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 04/18/2024 Added 04/18/2024 Modified 01/30/2025 Description When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Solution(s) debian-upgrade-apache2 References https://attackerkb.com/topics/cve-2023-45802 CVE - 2023-45802 DSA-5662-1

Debian: CVE-2023-31122: apache2 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 04/18/2024 Added 04/18/2024 Modified 01/28/2025 Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Solution(s) debian-upgrade-apache2 References https://attackerkb.com/topics/cve-2023-31122 CVE - 2023-31122 DSA-5662-1

Huawei EulerOS: CVE-2023-31122: httpd security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Solution(s) huawei-euleros-2_0_sp10-upgrade-httpd huawei-euleros-2_0_sp10-upgrade-httpd-filesystem huawei-euleros-2_0_sp10-upgrade-httpd-tools huawei-euleros-2_0_sp10-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2023-31122 CVE - 2023-31122 EulerOS-SA-2024-1085

Red Hat: CVE-2023-43622: httpd: mod_http2: DoS in HTTP/2 with initial window size 0 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57. Users are recommended to upgrade to version 2.4.58, which fixes the issue. Solution(s) redhat-upgrade-mod_http2 redhat-upgrade-mod_http2-debuginfo redhat-upgrade-mod_http2-debugsource References CVE-2023-43622 RHSA-2024:2368

Huawei EulerOS: CVE-2023-31122: httpd security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/23/2023 Created 03/14/2024 Added 03/13/2024 Modified 01/28/2025 Description Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Solution(s) huawei-euleros-2_0_sp8-upgrade-httpd huawei-euleros-2_0_sp8-upgrade-httpd-devel huawei-euleros-2_0_sp8-upgrade-httpd-filesystem huawei-euleros-2_0_sp8-upgrade-httpd-manual huawei-euleros-2_0_sp8-upgrade-httpd-tools huawei-euleros-2_0_sp8-upgrade-mod_session huawei-euleros-2_0_sp8-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2023-31122 CVE - 2023-31122 EulerOS-SA-2024-1273