CVE-2023-4573

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
11/09/2023
Last modified:
21/10/2024

Description

When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 117.0 (excluding)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 115.0 (including) 115.2 (excluding)
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* 102.15 (excluding)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* 115.2 (excluding)