Vulnerabilities > CVE-2023-25752 - Unspecified vulnerability in Mozilla Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Vulnerable Configurations
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1811627
- https://bugzilla.mozilla.org/show_bug.cgi?id=1811627
- https://www.mozilla.org/security/advisories/mfsa2023-09/
- https://www.mozilla.org/security/advisories/mfsa2023-09/
- https://www.mozilla.org/security/advisories/mfsa2023-10/
- https://www.mozilla.org/security/advisories/mfsa2023-10/
- https://www.mozilla.org/security/advisories/mfsa2023-11/
- https://www.mozilla.org/security/advisories/mfsa2023-11/