Session Restore Helper Crash in Firefox for iOS by Mozilla
CVE-2023-37456

6.5MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox For iOS
Vendor: CVE Published:; 12 July 2023

Summary

A vulnerability in Firefox for iOS allows the session restore helper to crash when no parameter is sent to the message handler, disrupting user sessions. This issue affects versions earlier than 115, potentially compromising user experience and stability. Users should ensure their applications are updated to mitigate any associated risks.

Affected Version(s)

Firefox for iOS < 115

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1795496

https://www.mozilla.org/security/advisories/mfsa2023-25/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 12, 2023
Vulnerability Reserved
Jul 6, 2023

Credit

Artem Chaykin