In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-09-27T14:13:51.511Z

Updated: 2024-08-02T07:52:07.552Z

Reserved: 2023-09-25T15:03:43.198Z

Link: CVE-2023-5173

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-09-27T15:19:42.340

Modified: 2024-11-21T08:41:13.910

Link: CVE-2023-5173

cve-icon Redhat

No data.