CVE-2023-6863

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 19, 2023
Updated: Feb 2, 2024

Summary

CVE-2023-6863 is a vulnerability affecting Firefox ESR versions under 115.6, Thunderbird under 115.6, and Firefox under 121. The issue stems from the `ShutdownObserver()` function, which relies on a dynamic type without a virtual destructor, leading to potential undefined behavior. This vulnerability could result in various unintended consequences, including memory corruption and crashes, making it critical for users to apply the necessary patches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share