Home > Vulnerability Database > CVE-2023-4582

Mend.io Vulnerability Database

CVE-2023-4582

Date: September 11, 2023

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

Language: C++

Severity Score

8.8

Related Resources (6)

Url: https://www.mozilla.org/security/advisories/mfsa2023-34/

Url: https://www.mozilla.org/security/advisories/mfsa2023-36/

Url: https://www.mozilla.org/security/advisories/mfsa2023-38/

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-4582

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1773874

Url: https://www.mend.io/vulnerability-database/CVE-2023-4582

Severity Score

8.8

Weakness Type (CWE)

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-120

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-4582

Date: September 11, 2023

Language: C++

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?