![]() ![]() Note: This advisory was previously also tracked as CVE-2023-5129. We are aware of this issue being exploited in other products in the wild. The version of Firefox installed on the remote Windows host is prior to 117.0.1. Opening a malicious WebP image could lead to a heap buffer overflow in the content process. Security fix Download: Firefox 64-bit Firefox 32-bit 50.0 MB (Freeware) Download: Firefox 117.0.1 for Linux 64-bit 80.0 MB Download: Firefox for MacOS 128.0 MB View. #CVE-2023-4863: Heap buffer overflow in libwebp Reporter Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Toronto's Munk School Impact critical Description ![]() ![]() Mozilla Foundation Security Advisory 2023-40 Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 Announced SeptemImpact critical Products Firefox, Firefox ESR, Thunderbird Fixed in ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |