Forum
CVE-2023-25732 - Thunderbird, Firefox
Zitat von MITs Forum am 2. Juni 2023, 0:00 UhrWhen encoding data from an
inputStream
inxpcom
the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.References
https://bugzilla.mozilla.org/show_bug.cgi?id=1804564
https://www.mozilla.org/security/advisories/mfsa2023-05/
https://www.mozilla.org/security/advisories/mfsa2023-06/
https://www.mozilla.org/security/advisories/mfsa2023-07/
When encoding data from an inputStream
in xpcom
the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1804564
https://www.mozilla.org/security/advisories/mfsa2023-05/
https://www.mozilla.org/security/advisories/mfsa2023-06/
https://www.mozilla.org/security/advisories/mfsa2023-07/