Security Advisory

CVE-2023-5168

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-27 14:12:58

Last updated 2025-05-01 20:13:54

Assigner mozilla

State PUBLISHED

Description

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

← Browse all CVEs View on cve.org ↗