CVE-2023-4050
01.08.2023, 15:15
In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 116.0 |
| mozilla | firefox | 102.0 ≤ 𝑥 < 102.14 |
| mozilla | firefox | 115.0 ≤ 𝑥 < 115.1 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 12.0 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||
| firefox-esr |
| ||||||||||||
| thunderbird |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||
| mozjs102 |
| ||||||||||||||||
| mozjs38 |
| ||||||||||||||||
| mozjs52 |
| ||||||||||||||||
| mozjs68 |
| ||||||||||||||||
| mozjs78 |
| ||||||||||||||||
| mozjs91 |
| ||||||||||||||||
| thunderbird |
|
Common Weakness Enumeration
References