CVE-2023-5173
CVSS v3.1
7.5 (High)
EPSS
0.06 % (24th)
Affected Products
1
Advisories
3
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory.
This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (network.http.altsvc.oe
) is enabled. This vulnerability affects Firefox < 118.
Weaknesses
- CWE-190
- Integer Overflow or Wraparound
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-09-27 15:19:42
(11 months ago) - Updated Date
-
2024-01-07 11:15:14
(8 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...