cve/2023/CVE-2023-4582.md

### [CVE-2023-4582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4582)
![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20115.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20117%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Overflow%20in%20WebGL%20glGetProgramiv&color=brighgreen)

### Description

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

### POC

#### Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=1773874

#### Github
- https://github.com/dlehgus1023/dlehgus1023
- https://github.com/l33d0hyun/l33d0hyun
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-4582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4582)`
			`![](https://img.shields.io/static/v1?label=Product&message=Firefox%20ESR&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Firefox&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Thunderbird&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20115.2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%20117%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Overflow%20in%20WebGL%20glGetProgramiv&color=brighgreen)`

			`### Description`

			`Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.`

			`### POC`

			`#### Reference`
			`- https://bugzilla.mozilla.org/show_bug.cgi?id=1773874`

			`#### Github`
			`- https://github.com/dlehgus1023/dlehgus1023`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/l33d0hyun/l33d0hyun`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00