CVE-2023-4050

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 1, 2023

Updated: Aug 9, 2023

CWE ID 787

Summary

CVE-2023-4050 is a vulnerability affecting Firefox versions earlier than 116, Firefox ESR versions earlier than 102.14, and Firefox ESR versions earlier than 115.1. The issue lies in the improper handling of untrusted input streams, which in specific cases were copied to stack buffers without proper size checks. This oversight could potentially result in a crash, creating an opportunity for a sandbox escape.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sMAACC
https://www.cve.org/CVERecord?id=CVE-2023-4050
https://nvd.nist.gov/vuln/detail/CVE-2023-4050

Back to Vulnerability Database

CVE-2023-4050

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations