Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-5173
HistorySep 27, 2023 - 3:19 p.m.

Integer overflow

2023-09-2715:19:00
PRIOn knowledge base
www.prio-n.com
8
firefox
integer overflow
network traffic
out-of-bounds write
privileged process
vulnerability
firefox version 118
nvd

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

21.1%

In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory.
This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. This vulnerability affects Firefox < 118.

CPENameOperatorVersion
firefoxlt118