USN-6703-1: Firefox vulnerabilities | allinfosecnews.com

March 20, 2024, 5:48 a.m. |

Ubuntu security notices ubuntu.com

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-2609,
CVE-2024-2611, CVE-2024-2614, CVE-2024-2615)

Hubert Kario discovered that Firefox had a timing side-channel when
performing RSA decryption. A remote attacker could possibly use this
issue to recover sensitive information. (CVE-2023-5388)

It was discovered that Firefox did not properly handle WASM register …

arbitrary code attacker channel code cve decryption denial of service domains exploit firefox information performing rsa security security issues sensitive sensitive information service side-channel usn vulnerabilities website

More from ubuntu.com / Ubuntu security notices

USN-6778-1: Linux kernel vulnerabilities 2 days, 6 hours ago | ubuntu.com

attacker broadcom crash cve +20

USN-6777-1: Linux kernel vulnerabilities 2 days, 7 hours ago | ubuntu.com

attacker broadcom crash cve +20

USN-6776-1: Linux kernel vulnerabilities 2 days, 7 hours ago | ubuntu.com

attacker broadcom crash cve +20

USN-6775-1: Linux kernel vulnerabilities 2 days, 9 hours ago | ubuntu.com

attacker broadcom crash cve +20

USN-6774-1: Linux kernel vulnerabilities 2 days, 10 hours ago | ubuntu.com

attacker broadcom crash cve +18

USN-6773-1: .NET vulnerabilities 2 days, 11 hours ago | ubuntu.com

attacker code code execution cve +10

USN-6766-2: Linux kernel vulnerabilities 3 days, 9 hours ago | ubuntu.com

action attacker conditions crash +19

USN-6772-1: strongSwan vulnerability 4 days, 13 hours ago | ubuntu.com

access access controls attacker bypass +6

USN-6767-2: Linux kernel (BlueField) vulnerabilities 4 days, 15 hours ago | ubuntu.com

attacker compromise crash cve +18

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France

View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom

View on infosec-jobs.com