Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALASFIREFOX-2023-014

Related Vulnerabilities: CVE-2023-4573   CVE-2023-4574   CVE-2023-4575   CVE-2023-4581   CVE-2023-4584  

Memory corruption in IPC CanvasTranslator (CVE-2023-4573) Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) XLL file extensions were downloadable without warnings. (CVE-2023-4581) Memory safety bug (CVE-2023-4584)

Source

ALASFIREFOX-2023-014

Amazon Linux 2 Security Advisory: ALASFIREFOX-2023-014
Advisory Release Date: 2023-09-27 22:59 Pacific
Advisory Updated Date: 2023-10-06 00:18 Pacific
Severity: Important
Issue Overview:

Memory corruption in IPC CanvasTranslator (CVE-2023-4573)

Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574)

Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575)

XLL file extensions were downloadable without warnings. (CVE-2023-4581)

Memory safety bug (CVE-2023-4584)


Affected Packages:

firefox


Issue Correction:
Run yum update firefox to update your system.

New Packages:
aarch64:
    firefox-102.15.0-1.amzn2.0.1.aarch64
    firefox-debuginfo-102.15.0-1.amzn2.0.1.aarch64

src:
    firefox-102.15.0-1.amzn2.0.1.src

x86_64:
    firefox-102.15.0-1.amzn2.0.1.x86_64
    firefox-debuginfo-102.15.0-1.amzn2.0.1.x86_64

Additional References

Red Hat: CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584

Mitre: CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4581, CVE-2023-4584

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started