In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Metrics
Affected Vendors & Products
References
History
Tue, 22 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mozilla firefox Esr
|
|
CPEs | cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Mozilla firefox Esr
|
|
Metrics |
ssvc
|
Mon, 21 Oct 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
Vendors & Products |
Mozilla firefox Esr
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2023-08-01T14:58:31.812Z
Updated: 2024-10-22T15:05:33.710Z
Reserved: 2023-08-01T14:58:10.910Z
Link: CVE-2023-4050
Vulnrichment
Updated: 2024-08-02T07:17:12.069Z
NVD
Status : Modified
Published: 2023-08-01T15:15:10.090
Modified: 2024-10-21T19:24:02.230
Link: CVE-2023-4050
Redhat