Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-6863

Опубликовано: 19 дек. 2023
Источник: redhat
CVSS3: 6.1

Описание

The ShutdownObserver() was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

The Mozilla Foundation Security Advisory describes this flaw as: The ShutdownObserver() was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7firefoxFixedRHSA-2024:002602.01.2024
Red Hat Enterprise Linux 7thunderbirdFixedRHSA-2024:002702.01.2024
Red Hat Enterprise Linux 8thunderbirdFixedRHSA-2024:000302.01.2024
Red Hat Enterprise Linux 8firefoxFixedRHSA-2024:001202.01.2024
Red Hat Enterprise Linux 8.2 Advanced Update SupportfirefoxFixedRHSA-2024:002302.01.2024
Red Hat Enterprise Linux 8.2 Advanced Update SupportthunderbirdFixedRHSA-2024:003002.01.2024
Red Hat Enterprise Linux 8.2 Telecommunications Update ServicefirefoxFixedRHSA-2024:002302.01.2024
Red Hat Enterprise Linux 8.2 Telecommunications Update ServicethunderbirdFixedRHSA-2024:003002.01.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2255369Mozilla: Undefined behavior in <code>ShutdownObserver()</code>

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-6863

CVSS3: 8.8
ubuntu
почти 2 года назад

The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

nvd логотип

CVE-2023-6863

CVSS3: 8.8
nvd
почти 2 года назад

The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

debian логотип

CVE-2023-6863

CVSS3: 8.8
debian
почти 2 года назад

The `ShutdownObserver()` was susceptible to potentially undefined beha ...

github логотип

GHSA-hx5f-6r56-q754

CVSS3: 8.8
github
почти 2 года назад

The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

fstec логотип

BDU:2023-09118

CVSS3: 8.8
fstec
почти 2 года назад

Уязвимость функции ShutdownObserver() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

6.1 Medium

CVSS3