CVE-2024-5700
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Affected (3)
Products: Mozilla: Firefox, Thunderbird
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 127.0 | |
| Before 115.12 |
Related CWEs
CWE-786
Access of Memory Location Before Start of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
CWE-788
Access of Memory Location After End of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
References (12)
Source: security@mozilla.org
Issue Tracking
Source: security@mozilla.org
Mailing List
Source: security@mozilla.org
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.