Oval Definition:oval:org.opensuse.security:def:202323597
Revision Date:2023-06-22Version:1
Title:CVE-2023-23597
Description:

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2023-23597
SUSE CVE-2023-23597
Platform(s):SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Linux Enterprise Workstation Extension 15 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • MozillaFirefox is affected
  • OR MozillaFirefox-devel is affected
  • OR MozillaFirefox-translations-common is affected
  • OR MozillaFirefox-translations-other is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP5 is installed
  • AND
  • MozillaThunderbird is affected
  • OR MozillaThunderbird-translations-common is affected
  • OR MozillaThunderbird-translations-other is affected
    • BACK