mickmick.net

Mozilla Firefox Multiple Vulnerabilities

Release Date: 15 Feb 2023

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Firefox. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

---

Impact

• Spoofing
• Remote Code Execution
• Information Disclosure
• Security Restriction Bypass

---

System / Technologies affected

Versions prior to:

 

• Firefox 110
• Firefox ESR 102.8

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox 110
• Firefox ESR 102.8

---

Vulnerability Identifier

• CVE-2023-0767
• CVE-2023-25728
• CVE-2023-25729
• CVE-2023-25730
• CVE-2023-25731
• CVE-2023-25732
• CVE-2023-25733
• CVE-2023-25734
• CVE-2023-25735
• CVE-2023-25736
• CVE-2023-25737
• CVE-2023-25738
• CVE-2023-25739
• CVE-2023-25740
• CVE-2023-25741
• CVE-2023-25742
• CVE-2023-25743
• CVE-2023-25744
• CVE-2023-25745
• CVE-2023-25746

---

Source

• Mozilla
• US-CERT

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
• https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/mozilla-releases-security-updates-firefox-110-and-firefox-esr