Request a Demo
Rewterz
Rewterz Threat Advisory – Chaos Ransomware – Active IOCs
March 15, 2023
Rewterz
Rewterz Threat Alert -Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
March 15, 2023

Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-28177 CVSS:8.8

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

CVE-2023-28176 CVSS:8.8

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

CVE-2023-28163 CVSS:6.5

Mozilla Firefox could provide weaker than expected, caused by an error when the Windows Save As dialog resolve environment variables. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to launch further attacks on the system.

CVE-2023-25752 CVSS:6.5

Mozilla Firefox could provide weaker than expected, caused by an out-of-bounds when accessing throttled streams. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to lead future code to be incorrect and vulnerable.

CVE-2023-28162 CVSS:6.5

Mozilla Firefox is vulnerable to a denial of service, caused by invalid downcast in Worklets. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the browser to crash.

CVE-2023-28161 CVSS:6.5

Mozilla Firefox could provide weaker than expected, caused by an error when one-time permissions granted to a local file were extended to other local files loaded in the same tab. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to launch further attacks on the system.

CVE-2023-28160 CVSS:6.5

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by the leak of the local path when following a redirect to a publicly accessible web extension file. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-25751 CVSS:6.5

Mozilla Firefox is vulnerable to a denial of service, caused by incorrect code generation during JIT compilation. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the browser to crash.

CVE-2023-25750 CVSS:6.5

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by the leak of a ServiceWorker’s offline cache when using private browsing mode. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-25749 CVSS:6.5

Mozilla Firefox for Android could provide weaker than expected security, caused by the opening of third-party apps without prompt. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to launch android applications with unpatched vulnerabilities.

CVE-2023-25748 CVSS:6.5

Mozilla Firefox for Android could allow a remote attacker to conduct spoofing attacks, caused by the hiding of the fullscreen notification using window prompts. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to cause user confusion or perform spoofing attacks.

CVE-2023-28159 CVSS:6.5

Mozilla Firefox for Android could allow a remote attacker to conduct spoofing attacks, caused by the hiding of the fullscreen notification using download popups. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to cause user confusion or perform spoofing attacks.

CVE-2023-28164 CVSS:6.5

Mozilla Firefox could allow a remote attacker to conduct spoofing attacks, caused by dragging a URL from a cross-origin iframe that was removed during the drag. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to cause user confusion or perform spoofing attacks.

Impact

  • Code Execution
  • Denial of Service
  • Information Disclosure
  • Unauthorized Access

Indicators Of Compromise

CVE

  • CVE-2023-28177
  • CVE-2023-28176
  • CVE-2023-28163
  • CVE-2023-25752
  • CVE-2023-28162
  • CVE-2023-28161
  • CVE-2023-28160
  • CVE-2023-25751
  • CVE-2023-25750
  • CVE-2023-25749
  • CVE-2023-25748
  • CVE-2023-28159
  • CVE-2023-28164

Affected Vendors

Mozilla

Affected Products

  • Mozilla firefox 110
  • Mozilla Firefox for Android 110
  • Mozilla Firefox ESR 102.8

Remediation

Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.

Mozilla firefox 110

Mozilla Firefox ESR 102.8