![]() ![]() This bug only affects Firefox on Windows. ![]() On Windows, an integer overflow could occur in RecordedSourceSurfaceCreation which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. #CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation Reporter fffvr Impact high Description This could have led to a use-after-free causing a potentially exploitable crash. When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. #CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback Reporter sonakkbi Impact high Description ![]() When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. #CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback Reporter sonakkbi Impact high Description When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. #CVE-2023-4573: Memory corruption in IPC CanvasTranslator Reporter sonakkbi Impact high Description Mozilla Foundation Security Advisory 2023-36 Security Vulnerabilities fixed in Firefox ESR 115.2 Announced AugImpact high Products Firefox ESR Fixed in ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |