A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-06-02T00:00:00

Updated: 2024-08-02T10:35:33.591Z

Reserved: 2023-01-16T00:00:00

Link: CVE-2023-23597

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-06-02T17:15:10.537

Modified: 2024-11-21T07:46:30.347

Link: CVE-2023-23597

cve-icon Redhat

No data.