QID 377975

Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android.

Mozilla Firefox is prone to
CVE-2023-25728: Content security policy leak in violation reports using iframes
CVE-2023-25730: Screen hijack via browser fullscreen mode
CVE-2023-25743: Fullscreen notification not shown in Firefox Focus
CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS
CVE-2023-25735: Potential use-after-free from compartment mismatch in SpiderMonkey
CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry
CVE-2023-25738: Printing on Windows could potentially crash Firefox with some device drivers
CVE-2023-25739: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
CVE-2023-25729: Extensions could have opened external schemes without user knowledge
CVE-2023-25732: Out of bounds memory write from EncodeInputStream
CVE-2023-25734: Opening local .url files could cause unexpected network loads
CVE-2023-25740: Opening local .scf files could cause unexpected network loads
CVE-2023-25731: Prototype pollution when rendering URLPreview
CVE-2023-25733: Possible null pointer dereference in TaskbarPreviewCallback
CVE-2023-25736: Invalid downcast in GetTableSelectionMode
CVE-2023-25741: Same-origin policy leak via image drag and drop
CVE-2023-25742: Web Crypto ImportKey crashes tab
CVE-2023-25744: Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8
CVE-2023-25745: Memory safety bugs fixed in Firefox 110

Affected Products:
Prior to Firefox 110

QID Detection Logic (Authenticated) :
This checks for vulnerable version of Firefox browser.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.