Описание
On Windows, an integer overflow could occur in RecordedSourceSurfaceCreation which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | only affects macOS |
| esm-infra/focal | DNE | |
| focal | ignored | end of standard support, was ignored [only affects macOS] |
| jammy | ignored | only affects macOS |
| lunar | ignored | end of life, was ignored [only affects macOS] |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | ignored | only affects macOS |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | only affects macOS |
| lunar | ignored | end of life, was ignored [only affects macOS] |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | ignored | only affects macOS |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/focal | ignored | only affects macOS |
| esm-infra/bionic | ignored | only affects macOS |
| focal | ignored | end of standard support, was ignored [only affects macOS] |
| jammy | DNE | |
| lunar | DNE | |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | ignored | only affects macOS |
| focal | ignored | end of standard support, was ignored [only affects macOS] |
| jammy | DNE | |
| lunar | DNE | |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/jammy | ignored | only affects macOS |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | only affects macOS |
| lunar | ignored | end of life, was ignored [only affects macOS] |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | only affects macOS |
| lunar | DNE | |
| trusty | DNE | |
| upstream | ignored | only affects macOS |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | only affects Windows |
| esm-infra/focal | DNE | |
| focal | ignored | end of standard support, was ignored [only affects Windows] |
| jammy | ignored | only affects Windows |
| lunar | ignored | end of life, was ignored [only affects Windows] |
| trusty | ignored | end of standard support |
| upstream | ignored | only affects macOS |
| xenial | ignored | end of standard support |
Показывать по
Ссылки на источники
8.6 High
CVSS3
Связанные уязвимости
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
On Windows, an integer overflow could occur in `RecordedSourceSurfaceC ...
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, and Thunderbird < 115.2.
Уязвимость компонента RecordedSourceSurfaceCreation браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
8.6 High
CVSS3