Mozilla Foundation Security Advisory 2023-54

Security Vulnerabilities fixed in Firefox ESR 115.6

Announced Decem
Impact high
Products Firefox ESR
Fixed in

#CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver
Reporter DoHyun Lee
Impact high
Description
The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape.

#CVE-2023-6865: Potential exposure of uninitialized data in EncryptingOutputStream
Reporter Jan Varga
Impact high
Description
EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode.

#CVE-2023-6857: Symlinks may resolve to smaller than expected buffers
Reporter Jed Davis
Impact moderate
Description
When resolving a symlink, a race may occur where the buffer passed to readlink may actually be smaller than necessary. This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS).

#CVE-2023-6858: Heap buffer overflow in nsTextFragment
Reporter Irvan Kurniawan
Impact moderate
Description
Firefox was susceptible to a heap buffer overflow in nsTextFragment due to insufficient OOM handling.
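
An added illustration for CVE-2023-6857, not Firefox's code and not part of the advisory: a defensive way to call readlink when a link size sampled earlier may be stale is to treat a return value equal to the buffer size as possible truncation and retry with a larger buffer. The function names `read_link_dyn` and `demo_stale_size` and the constructed `/tmp` scenario are assumptions of this example.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700
#endif
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Resolve `path` into a malloc'd, NUL-terminated string (hypothetical helper).
 * `hint` is a size sampled earlier (e.g. lstat st_size) and may be stale. */
char *read_link_dyn(const char *path, size_t hint)
{
    size_t cap = hint ? hint + 1 : 64;
    for (;;) {
        char *buf = malloc(cap);
        if (!buf)
            return NULL;
        ssize_t n = readlink(path, buf, cap);
        if (n < 0) { free(buf); return NULL; }
        if ((size_t)n < cap) {   /* fits with room for the terminator */
            buf[n] = '\0';       /* readlink never NUL-terminates itself */
            return buf;
        }
        free(buf);               /* n == cap: target may be truncated, grow */
        if (cap > SIZE_MAX / 2) { errno = ENAMETOOLONG; return NULL; }
        cap *= 2;
    }
}

/* Constructed scenario: the target grows after its size was sampled.
 * Returns 1 if the full new target is recovered, 0 if not, -1 on setup error. */
int demo_stale_size(void)
{
    char dir[] = "/tmp/rlXXXXXX", link[64];
    const char *longer = "a/much/longer/target/than/the/first/one";
    if (!mkdtemp(dir)) return -1;
    snprintf(link, sizeof link, "%s/l", dir);
    if (symlink("short", link) != 0) return -1;
    size_t stale = strlen("short");            /* what lstat would have said */
    unlink(link);
    if (symlink(longer, link) != 0) return -1; /* the racing change */
    char *got = read_link_dyn(link, stale);
    int ok = got && strcmp(got, longer) == 0;
    free(got);
    unlink(link);
    rmdir(dir);
    return ok;
}
```
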