CVE-2023-6861

Summary

The nsWindow::PickerOpen(void) method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 115.6affected
MozillaThunderbirdunspecified < 115.6affected
MozillaFirefoxunspecified < 121affected

Weaknesses

  • Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode

ADP Enrichment

CVE Program Container

Additional References

References