CVE-2023-5173
EUVD-2023-5751027.09.2023, 15:19
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 118 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||
| mozjs102 |
| ||||||||||||||||
| mozjs38 |
| ||||||||||||||||
| mozjs52 |
| ||||||||||||||||
| mozjs68 |
| ||||||||||||||||
| mozjs78 |
| ||||||||||||||||
| mozjs91 |
| ||||||||||||||||
| thunderbird |
|
References