Количество 10
Количество 10
BDU:2023-07863
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с некорректным внешним управлением именем или путем файла, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
CVE-2023-25734
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVE-2023-25734
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVE-2023-25734
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVE-2023-25734
After downloading a Windows <code>.url</code> shortcut from the local ...
GHSA-wpvr-v2cc-f6qx
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
SUSE-SU-2023:0599-1
Security update for MozillaThunderbird
SUSE-SU-2023:0469-1
Security update for MozillaFirefox
SUSE-SU-2023:0466-1
Security update for MozillaFirefox
SUSE-SU-2023:0461-1
Security update for MozillaFirefox
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-07863 Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с некорректным внешним управлением именем или путем файла, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации | CVSS3: 8.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-25734 After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | CVSS3: 8.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-25734 After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
 | CVE-2023-25734 After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | CVSS3: 8.1 | 0% Низкий | больше 2 лет назад |
| CVE-2023-25734 After downloading a Windows <code>.url</code> shortcut from the local ... | CVSS3: 8.1 | 0% Низкий | больше 2 лет назад |
| GHSA-wpvr-v2cc-f6qx After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | CVSS3: 8.1 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:0599-1 Security update for MozillaThunderbird | больше 2 лет назад | ||
| SUSE-SU-2023:0469-1 Security update for MozillaFirefox | почти 3 года назад | ||
| SUSE-SU-2023:0466-1 Security update for MozillaFirefox | почти 3 года назад | ||
| SUSE-SU-2023:0461-1 Security update for MozillaFirefox | почти 3 года назад |
Уязвимостей на страницу