Количество 12
Количество 12
GHSA-f2q9-pfpx-m83g
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applyi ...
BDU:2023-02675
Уязвимость службы Mozilla Maintenance браузеров Mozilla Firefox, Focus for Android, Mozilla Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных
SUSE-SU-2023:1855-1
Security update for MozillaFirefox
SUSE-SU-2023:1819-1
Security update for MozillaFirefox
SUSE-SU-2023:1817-1
Security update for MozillaFirefox
ROS-20230505-02
Множественные уязвимости firefox
ROS-20230505-01
Множественные уязвимости thunderbird
SUSE-SU-2023:2064-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-f2q9-pfpx-m83g A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29532 A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29532 A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. | CVSS3: 7.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-29532 A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-29532 A local attacker can trick the Mozilla Maintenance Service into applyi ... | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | BDU:2023-02675 Уязвимость службы Mozilla Maintenance браузеров Mozilla Firefox, Focus for Android, Mozilla Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:1855-1 Security update for MozillaFirefox | около 2 лет назад | ||
| SUSE-SU-2023:1819-1 Security update for MozillaFirefox | около 2 лет назад | ||
| SUSE-SU-2023:1817-1 Security update for MozillaFirefox | около 2 лет назад | ||
 | ROS-20230505-02 Множественные уязвимости firefox | CVSS3: 8.8 | около 2 лет назад | |
| ROS-20230505-01 Множественные уязвимости thunderbird | CVSS3: 6.3 | около 2 лет назад | |
| SUSE-SU-2023:2064-1 Security update for MozillaThunderbird | около 2 лет назад |
Уязвимостей на страницу