Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-6208HistoryNov 21, 2023 - 3:15 p.m.
CVE-2023-6208
2023-11-2115:15:07
Debian Security Bug Tracker
security-tracker.debian.org
12
x11
firefox
vulnerability
thunderbird
unix
selection api
primary selection
clipboard
cve-2023-6208
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
High
EPSS
0.001
Percentile
34.6%
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. This bug only affects Firefox on X11. Other systems are unaffected. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 120.0-1 | firefox_120.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 115.5.0esr-1~deb12u1 | firefox-esr_115.5.0esr-1~deb12u1_all.deb |
| Debian | 11 | all | firefox-esr | < 115.5.0esr-1~deb11u1 | firefox-esr_115.5.0esr-1~deb11u1_all.deb |
| Debian | 999 | all | firefox-esr | < 115.5.0esr-1 | firefox-esr_115.5.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 115.5.0esr-1 | firefox-esr_115.5.0esr-1_all.deb |
| Debian | 12 | all | thunderbird | < 1:115.5.0-1~deb12u1 | thunderbird_1:115.5.0-1~deb12u1_all.deb |
| Debian | 11 | all | thunderbird | < 1:115.5.0-1~deb11u1 | thunderbird_1:115.5.0-1~deb11u1_all.deb |
| Debian | 999 | all | thunderbird | < 1:115.5.0-1 | thunderbird_1:115.5.0-1_all.deb |
| Debian | 13 | all | thunderbird | < 1:115.5.0-1 | thunderbird_1:115.5.0-1_all.deb |
Related
cve
cve
CVE-2023-6208
2023-11-21 15:15:07
veracode
veracode
Clipboard Injection
2023-11-28 14:18:12
alpinelinux
alpinelinux
CVE-2023-6208
2023-11-21 15:15:07
ubuntucve
ubuntucve
CVE-2023-6208
2023-11-21 00:00:00
redhatcve
redhatcve
CVE-2023-6208
2023-11-21 23:10:13
nvd
nvd
CVE-2023-6208
2023-11-21 15:15:07
prion
prion
Code injection
2023-11-21 15:15:00
cvelist
cvelist
CVE-2023-6208
2023-11-21 14:28:53
nessus
nessus
Mozilla Firefox < 115.5
2023-11-21 00:00:00
Oracle Linux 8 : thunderbird (ELSA-2023-7500)
2023-11-29 00:00:00
CentOS 8 : firefox (CESA-2023:7508)
2024-02-08 00:00:00
osv
osv
firefox-esr - security update
2023-11-22 00:00:00
Important: thunderbird security update
2023-11-28 22:43:36
firefox-esr - security update
2023-11-23 00:00:00
rocky
rocky
thunderbird security update
2023-11-28 22:43:36
oraclelinux
oraclelinux
firefox security update
2023-11-27 00:00:00
thunderbird security update
2023-11-28 00:00:00
thunderbird security update
2023-11-28 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3674-1)
2023-12-01 00:00:00
Ubuntu: Security Advisory (USN-6515-1)
2023-11-28 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:4588-1)
2024-03-04 00:00:00
redhat
redhat
(RHSA-2023:7512) Important: firefox security update
2023-11-27 15:09:40
(RHSA-2023:7570) Important: thunderbird security update
2023-11-29 12:31:12
(RHSA-2023:7501) Important: thunderbird security update
2023-11-27 15:02:56
slackware
slackware
[slackware-security] mozilla-firefox
2023-11-21 21:38:12
[slackware-security] mozilla-thunderbird
2023-11-22 19:38:40
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-11-27 00:00:00
Firefox vulnerabilities
2023-11-23 00:00:00
Firefox regressions
2023-12-04 00:00:00
almalinux
almalinux
Important: firefox security update
2023-11-27 00:00:00
Important: firefox security update
2023-11-27 00:00:00
Important: thunderbird security update
2023-11-27 00:00:00
debian
debian
[SECURITY] [DSA 5561-1] firefox-esr security update
2023-11-22 19:19:54
[SECURITY] [DSA 5566-1] thunderbird security update
2023-11-26 00:04:01
[SECURITY] [DLA 3674-1] thunderbird security update
2023-11-30 14:26:11
kaspersky
kaspersky
KLA62089 Multiple vulnerabilities in Mozilla Firefox ESR
2023-11-21 00:00:00
KLA62090 Multiple vulnerabilities in Mozilla Thunderbird
2023-11-21 00:00:00
KLA62070 Multiple vulnerabilities in Mozilla Firefox
2023-11-21 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2023-12-08 13:55:49
Updated firefox packages fix security vulnerabilities
2023-12-08 13:55:49
amazon
amazon
Important: thunderbird
2024-01-03 21:04:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.5.0 — Mozilla
2023-11-21 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.5 — Mozilla
2023-11-21 00:00:00
Security Vulnerabilities fixed in Firefox 120 — Mozilla
2023-11-21 00:00:00
redos
redos
ROS-20240927-06
2024-09-27 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-02-19 00:00:00
ibm
ibm
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.9
Confidence
High
EPSS
0.001
Percentile
34.6%
Related for DEBIANCVE:CVE-2023-6208