CVE-2023-25732 Information

Description

When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110 Thunderbird < 102.8 and Firefox ESR < 102.8.

Reference

https://www.mozilla.org/security/advisories/mfsa2023-05/ https://bugzilla.mozilla.org/show_bug.cgi?id=1804564 https://www.mozilla.org/security/advisories/mfsa2023-07/ https://www.mozilla.org/security/advisories/mfsa2023-06/