SB2023112303 - Ubuntu update for firefox 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023112303

SB2023112303 - Ubuntu update for firefox

Published: November 23, 2023

Security Bulletin ID SB2023112303
Severity
High
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Medium 30% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Multiple Interpretations of UI Input (CVE-ID: CVE-2023-6206)

The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to the black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. A remote attacker can perform clickjacking attack and trick the victim into pressing the permissions grant button.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-6210)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to application does not properly impose security restrictions. When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content, such as iframes from insecure http: URLs.


3) Multiple Interpretations of UI Input (CVE-ID: CVE-2023-6211)

The vulnerability allows a remote attacker to perform clickjacking attack.

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game.

4) Memory corruption (CVE-ID: CVE-2023-6212)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim ti visit a specially crafted website, trigger a memory corruption and execute arbitrary code on the target system.


5) Buffer overflow (CVE-ID: CVE-2023-6213)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Out-of-bounds write (CVE-ID: CVE-2023-6204)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing HTML content in in WebGL2 blitFramebuffer. A remote attacker can trick the victim ti visit a specially crafted website, trigger an out-of-bounds write and execute arbitrary code on the target system.


7) Use-after-free (CVE-ID: CVE-2023-6205)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the MessagePort::Entangled() method. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


8) Use-after-free (CVE-ID: CVE-2023-6207)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the ReadableByteStreamQueueEntry::Buffer() method. A remote attacker can trick the victim to open a specially crafted website, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


9) Information disclosure (CVE-ID: CVE-2023-6208)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to the Selection API copies text by mistake into the primary selection, a temporary storage not unlike the clipboard, when using on X11. A local user can gain access to potentially sensitive information.

Note, the vulnerability affects only Firefox installations on X11.


10) Input validation error (CVE-ID: CVE-2023-6209)

The vulnerability allows a remote attacker to manipulate data on websites.

The vulnerability exists due to insufficient validation of user-supplied input when parsing relative URLs that start with a triple slash, e.g. "///". A remote attacker can use a path-traversal "/../" part in the path to override the specified host.


Remediation

Install update from vendor's website.

References