Unrated severityNVD Advisory· Published Sep 27, 2023· Updated Feb 13, 2025
CVE-2023-5173
CVE-2023-5173
Description
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled.* This vulnerability affects Firefox < 118.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5<118+ 1 more
- (no CPE)range: <118
- (no CPE)range: unspecified
- osv-coords3 versionspkg:apk/chainguard/firefox-esrpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 118-r0+ 2 more
- (no CPE)range: < 118-r0
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 118.0.1-1.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.