Oval Definition:oval:org.opensuse.security:def:202323598
Revision Date:2023-06-22Version:1
Title:CVE-2023-23598
Description:

Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2023-23598
SUSE CVE-2023-23598
SUSE-SU-2023:0111-1
SUSE-SU-2023:0112-1
SUSE-SU-2023:0113-1
SUSE-SU-2023:0329-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Linux Enterprise Workstation Extension 15 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP5 is installed
  • AND
  • MozillaThunderbird is affected
  • OR MozillaThunderbird-translations-common is affected
  • OR MozillaThunderbird-translations-other is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • MozillaFirefox-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-devel-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-common-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-other-102.11.0-150200.152.87.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND Package Information
  • MozillaFirefox-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-devel-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-common-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-other-102.11.0-150200.152.87.1 is installed
    • BACK