5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.046 Low
EPSS
Percentile
92.6%
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote
attackers to cause a denial of service (integer underflow, assertion
failure, and application exit) via a single-byte header frame that triggers
incorrect memory allocation.