During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2023-09-27T14:13:12.642Z
Updated: 2024-09-23T19:24:55.774Z
Reserved: 2023-09-25T15:03:42.289Z
Link: CVE-2023-5171
Vulnrichment
Updated: 2024-08-02T07:52:07.557Z
NVD
Status : Analyzed
Published: 2023-09-27T15:19:42.227
Modified: 2023-10-12T02:52:09.820
Link: CVE-2023-5171
Redhat