跳转到帖子

Amazon Linux AMI 2: CVE-2023-25735: Security patch for firefox, thunderbird (Multiple Advisories)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Amazon Linux AMI 2: CVE-2023-25735: Security patch for firefox, thunderbird (Multiple Advisories)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
03/07/2023
Created
03/08/2023
Added
03/07/2023
Modified
01/28/2025

Description

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Solution(s)

  • amazon-linux-ami-2-upgrade-firefox
  • amazon-linux-ami-2-upgrade-firefox-debuginfo
  • amazon-linux-ami-2-upgrade-thunderbird
  • amazon-linux-ami-2-upgrade-thunderbird-debuginfo

References

  • https://attackerkb.com/topics/cve-2023-25735
  • AL2/ALAS-2023-1983
  • AL2/ALASFIREFOX-2023-007
  • CVE - 2023-25735
  • 查看数 701
  • 已创建
  • 最后回复
转到主题列表