Bug 2219750 (CVE-2023-37208)
Summary: | CVE-2023-37208 Mozilla: Lack of warning when opening Diagcab files | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Nobody <nobody> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | abobrov, desktop-qa-list, elima, erack, jhorak, nobody, stransky, tpopela |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | firefox 102.13, thunderbird 102.13 | Doc Type: | --- |
Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2023-07-13 16:53:34 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2217668, 2217669, 2217670, 2217671, 2217672, 2217673, 2217674, 2217675, 2217676, 2217677, 2217678, 2217684, 2217685, 2217686, 2217687, 2217688, 2217689, 2217690, 2217691, 2217692, 2217693, 2217694 | ||
Bug Blocks: | 2217666 |
Description
Dhananjay Arunesh
2023-07-05 06:39:53 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4063 https://access.redhat.com/errata/RHSA-2023:4063 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4064 https://access.redhat.com/errata/RHSA-2023:4064 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:4062 https://access.redhat.com/errata/RHSA-2023:4062 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4068 https://access.redhat.com/errata/RHSA-2023:4068 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4070 https://access.redhat.com/errata/RHSA-2023:4070 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:4065 https://access.redhat.com/errata/RHSA-2023:4065 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4067 https://access.redhat.com/errata/RHSA-2023:4067 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4069 https://access.redhat.com/errata/RHSA-2023:4069 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4071 https://access.redhat.com/errata/RHSA-2023:4071 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:4072 https://access.redhat.com/errata/RHSA-2023:4072 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4073 https://access.redhat.com/errata/RHSA-2023:4073 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4066 https://access.redhat.com/errata/RHSA-2023:4066 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4076 https://access.redhat.com/errata/RHSA-2023:4076 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4075 https://access.redhat.com/errata/RHSA-2023:4075 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4074 https://access.redhat.com/errata/RHSA-2023:4074 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:4079 https://access.redhat.com/errata/RHSA-2023:4079 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-37208 |