CVE-2024-3864

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3864
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVSS

No CVSS.

References
Link Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1888333
https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
https://www.mozilla.org/security/advisories/mfsa2024-18/
https://www.mozilla.org/security/advisories/mfsa2024-19/
https://www.mozilla.org/security/advisories/mfsa2024-20/
Configurations

No configuration.

History

24 Apr 2024, 10:15

Type Values Removed Values Added
References
  • () https://www.mozilla.org/security/advisories/mfsa2024-20/ -
Summary (en) Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10. (en) Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

22 Apr 2024, 10:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html -

19 Apr 2024, 11:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html -

17 Apr 2024, 12:48

Type Values Removed Values Added
Summary
  • (es) Error de seguridad de la memoria presente en Firefox 124, Firefox ESR 115.9 y Thunderbird 115.9. Este error mostró evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo esto podría haberse aprovechado para ejecutar código arbitrario. Esta vulnerabilidad afecta a Firefox &lt; 125 y Firefox ESR &lt; 115.10.

16 Apr 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-16 16:15

Updated : 2024-04-24 10:15

NVD link : CVE-2024-3864

Mitre link : CVE-2024-3864

CVE.ORG link : CVE-2024-3864

JSON object : View

Products Affected

No product.

CWE

No CWE.