Security Advisory

CVE-2023-4576

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-11 08:00:51

Last updated 2025-12-18 15:23:04

Assigner mozilla

State PUBLISHED

Description

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

← Browse all CVEs View on cve.org ↗