CVE-2023-4576
CVSS v3.1
8.6 (High)
EPSS
0.07 % (31th)
Affected Products
4
Advisories
12
On Windows, an integer overflow could occur in RecordedSourceSurfaceCreation
which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.
This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
Weaknesses
- CWE-190
- Integer Overflow or Wraparound
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-09-11 09:15:09
(12 months ago) - Updated Date
-
2023-09-13 11:15:10
(12 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...