mickmick.net

Mozilla Products Multiple Vulnerabilities

Release Date: 22 Nov 2023

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to data manipulation, sensitive information disclosure, elevation of privilege, denial of service, security restriction bypass and remote code execution on the targeted system.

---

Impact

• Denial of Service
• Remote Code Execution
• Information Disclosure
• Data Manipulation
• Elevation of Privilege
• Security Restriction Bypass

---

System / Technologies affected

Versions prior to:

 

• Firefox ESR 115.5
• Firefox for iOS 120
• Firefox 120
• Thunderbird 115.5

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox ESR 115.5
• Firefox for iOS 120
• Firefox 120
• Thunderbird 115.5

 

---

Vulnerability Identifier

• CVE-2023-6204
• CVE-2023-6205
• CVE-2023-6206
• CVE-2023-6207
• CVE-2023-6208
• CVE-2023-6209
• CVE-2023-6210
• CVE-2023-6211
• CVE-2023-6212
• CVE-2023-6213
• CVE-2023-49060
• CVE-2023-49061

 

---

Source

• Mozilla

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2023-52/
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-51/
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-50/
• https://www.mozilla.org/en-US/security/advisories/mfsa2023-49/