Produkty:
Domů
Pro malé podniky
Pro střední podniky
Pro velké podniky
Zranitelnosti Hrozby
Úvod Zranitelnosti

Multiple vulnerabilities in Mozilla Firefox ESR

Kaspersky ID:
KLA20238
Detekováno:
02/14/2023
Aktualizováno:
03/28/2025

Popis

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. Out of bounds memory write vulnerability in inputStream can be exploited to cause denial of service.
  2. Denial of service vulnerability in printing subsystem can be exploited to cause denial of service.
  3. Memory safety vulnerability can be exploited to execute arbitrary code.
  4. Use after free vulnerability in SpiderMonkey can be exploited to cause denial of service or execute arbitrary code.
  5. Information disclosure vulnerability can be exploited to obtain sensitive information.
  6. Security UI vulnerability in full-screen mode can be exploited to spoof user interface.
  7. Security UI vulnerability can be exploited to spoof user interface.
  8. Information disclosure vulnerability in CSP header can be exploited to obtain sensitive information.
  9. Denial of service vulnerability in Web Crypto can be exploited to cause denial of service.
  10. Security vulnerability can be exploited to bypass security restrictions.
  11. Use after free vulnerability in ScriptLoadContext can be exploited to cause denial of service or execute arbitrary code.
  12. Remote code execution vulnerability in SVGUtils can be exploited remotely to execute arbitrary code and cause denial of service.
  13. Remote code execution vulnerability in NSS can be exploited remotely to execute arbitrary code.

Oficiální doporučení

Vykořisťování

Public exploits exist for this vulnerability.

Související produkty

seznam CVE

  • CVE-2023-25742
    high
  • CVE-2023-25738
    high
  • CVE-2023-25730
    high
  • CVE-2023-25734
    critical
  • CVE-2023-25744
    critical
  • CVE-2023-25729
    critical
  • CVE-2023-25732
    critical
  • CVE-2023-25737
    critical
  • CVE-2023-25735
    critical
  • CVE-2023-25728
    high
  • CVE-2023-25739
    critical
  • CVE-2023-0767
    critical
  • CVE-2023-25743
    critical
  • CVE-2023-25746
    critical

Zobrazit více

Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com

Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Zjistěte více
Kaspersky Premium
Zjistěte více
Related articles
18 March 2026
Securelist
The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico
16 March 2026
Securelist
Free real estate: GoPix, the banking Trojan living off your memory
10 March 2026
Securelist
BeatBanker: A dual‑mode Android Trojan
06 March 2026
Securelist
Exploits and vulnerabilities in Q4 2025
04 March 2026
Securelist
Mobile malware evolution in 2025
19 February 2026
Securelist
Arkanix Stealer: a C++ & Python infostealer
Našli jste v popisu této chyby zabezpečení nepřesnost?
Pokud jste našli novou hrozbu nebo zranitelnost, dejte nám prosím vědět e-mailem:
newvirus@kaspersky.com
Našli jste novou hrozbu nebo zranitelnost?
Pokud jste našli novou hrozbu nebo zranitelnost, dejte nám prosím vědět e-mailem:
newvirus@kaspersky.com
Produkty
Domů
Pro malé podniky
Pro střední podniky
Pro velké podniky
Select language
Severity level
Critical
High
Warning
Sorting
Kaspersky ID
Zranitelnost
Detect date
Míra zranitelnosti
You must select at least one severity level
Do you want to save your changes?
Your message has been sent successfully.