exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

CVE-2023-6204

Status Candidate

Overview

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

Related Files

Ubuntu Security Notice USN-6509-2
Posted Dec 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6509-2 - USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information. It discovered that Firefox incorrectly handled certain memory when using a MessagePort. An attacker could potentially exploit this issue to cause a denial of service. It discovered that Firefox incorrectly did not properly manage ownership in ReadableByteStreams. An attacker could potentially exploit this issue to cause a denial of service. It discovered that Firefox incorrectly did not properly manage copy operations when using Selection API in X11. An attacker could potentially exploit this issue to obtain sensitive information. Rachmat Abdul Rokhim discovered incorrectly handled parsing of relative URLS starting with "///". An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6204, CVE-2023-6205, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6210
SHA-256 | ad83f1762f0c9b91d83173c5919f250795adb5f0c74dd9b083106a33e56ea5bf
Red Hat Security Advisory 2023-7577-01
Posted Nov 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7577-01 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 12efaa999df17079c27fbe4a21a5a40fb267ef85ab6ce768752e7900ec79eaf7
Red Hat Security Advisory 2023-7574-01
Posted Nov 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7574-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | d1a220fb1ae4dfa27617db1cd1bfe56a750570c5e788863d7d460ab08ed88de3
Red Hat Security Advisory 2023-7573-01
Posted Nov 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7573-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | b2385dba090405aaf6ebdc92b8c04e19780a8ad78f0553d5dc6a33dcc29d9825
Red Hat Security Advisory 2023-7570-01
Posted Nov 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7570-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | c4cce8df9914e0f2b263f04a727617819144a6e86166a4d30d520e5bbb255694
Red Hat Security Advisory 2023-7569-01
Posted Nov 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7569-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 762199ee60248b437be394a28157d44586b64b2b7540d3853905688035021072
Red Hat Security Advisory 2023-7547-01
Posted Nov 29, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7547-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | b119c2c5ea4b43f387cf94fc69a13589abb2de07cd49e6a0005d4540abfce8f0
Red Hat Security Advisory 2023-7512-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7512-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | be4158093bb9088477b66e1540394213060dfa104bba7f2ba16882f5035d8f9e
Red Hat Security Advisory 2023-7511-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7511-01 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 67d39304e371fa957ff2fac527917f5e03094285e37aaad83775be71a2b58b9f
Red Hat Security Advisory 2023-7510-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7510-01 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | f115f1a94ffcbe172ec34c6665df9a9e2ae659b3ba16de99fa1d948b3942d8df
Red Hat Security Advisory 2023-7509-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7509-01 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | a6165a273ac21cbd889dfcdef59ea69689fac3283316aa04714a31192e88f2a4
Red Hat Security Advisory 2023-7508-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7508-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | f3e1ee4494e42a7f4fa6fd10aa12b82d6c4e9352177c1cf3ed5d1b8a908209a8
Red Hat Security Advisory 2023-7507-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7507-01 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 7edb92aaef680a780d8ca591a1f843f9e2e3762c2ec2773012f50a3ccbbb13d7
Red Hat Security Advisory 2023-7506-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7506-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | b379358c72f62f083f678995c0db0b52013b72431cf7c43bc590bf9d8cfbde6b
Red Hat Security Advisory 2023-7505-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7505-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | a68be71ee76d32248f220827b605e39ae2d94af397c9d695e5522809d4ee2cb1
Red Hat Security Advisory 2023-7504-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7504-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 66578075e360e832f27694d7b2effe808d5c74951c1ebb88c9764fccd314e446
Red Hat Security Advisory 2023-7503-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7503-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 7a090e7250de9b923d84e9046be9f88e32dfdbc159b02f4656bd76427e64c5b3
Red Hat Security Advisory 2023-7502-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7502-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 6a27015e4ca4bf51a530cc17ea10e33de3ab7c188c2f65464f07df6ec068e221
Red Hat Security Advisory 2023-7501-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7501-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 38d7031c937cbd250c9c214a06abbfbc69bdc34c7d9d29ad2880cfc6c8503b49
Red Hat Security Advisory 2023-7500-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7500-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | 189275e909fa1ea3cbb6afe0167973e00cc5823af3f277534863359e7dfa57ba
Red Hat Security Advisory 2023-7499-01
Posted Nov 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7499-01 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6204
SHA-256 | b9831260a66e80720f5683e2b17d0bce91677b8c576c646cdef6cdf59f1e7247
Ubuntu Security Notice USN-6515-1
Posted Nov 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6515-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-6204, CVE-2023-6205, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209
SHA-256 | d6191b54a0838b3afcde840585c714c6bd2dee7e37aba7b54a20750739c63df2
Debian Security Advisory 5566-1
Posted Nov 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5566-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6212
SHA-256 | dc1354b24c85d0736abec5ec30d71ed0e434f0143fd6ad92b25792e7a5fe5154
Ubuntu Security Notice USN-6509-1
Posted Nov 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6509-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-6204, CVE-2023-6205, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212
SHA-256 | b829fdf51cf2a37d15b78f3f6807c30a0b585c7fbda044f4d27c269eebcb3308
Debian Security Advisory 5561-1
Posted Nov 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5561-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information leaks or clickjacking.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6212
SHA-256 | 6601acc60747d10ac14a92a45b7963ac8980a3a2ad51592be357beecdf48cf9a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close