CVE-2023-6862

Summary

A use-after-free was identified in the nsDNSService::Init. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 115.6affected
MozillaThunderbirdunspecified < 115.6affected

Weaknesses

  • Use-after-free in nsDNSService

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References