Описание
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox < 115.5, and Thunderbird < 115.5.0.
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox < 115.5, and Thunderbird < 115.5.0.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-6205
- https://bugzilla.mozilla.org/show_bug.cgi?id=1854076
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49
- https://www.mozilla.org/security/advisories/mfsa2023-50
- https://www.mozilla.org/security/advisories/mfsa2023-52
Связанные уязвимости
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
It was possible to cause the use of a MessagePort after it had already ...
Уязвимость функции MessagePort::Entangled() браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие