In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory.
*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2023-09-27T14:13:51.511Z
Updated: 2024-08-02T07:52:07.552Z
Reserved: 2023-09-25T15:03:43.198Z
Link: CVE-2023-5173
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-27T15:19:42.340
Modified: 2024-11-21T08:41:13.910
Link: CVE-2023-5173
Redhat
No data.