CVE-2023-5173

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 27, 2023

Updated: Jan 7, 2024

CWE ID 190

Summary

CVE-2023-5173 is a vulnerability affecting Firefox browsers where an integer overflow can occur due to network traffic, potentially triggered by a local unprivileged webpage. If this non-standard configuration, allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`), is enabled, it may lead to an out-of-bounds write to privileged process memory. This issue only impacts Firefox versions below 118.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sypASE
https://www.cve.org/CVERecord?id=CVE-2023-5173
https://nvd.nist.gov/vuln/detail/CVE-2023-5173

Back to Vulnerability Database

CVE-2023-5173

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations