Published: 20/02/2024 Updated: 04/03/2024

Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read This vulnerability affects Firefox < 123, Firefox ESR < 1158, and Thunderbird < 1158 (CVE-2024-1546) Through a series of API calls and redirects, an attacker-controlled alert dialog could h ...

Mozilla Foundation Security Advisory 2024-06 Security Vulnerabilities fixed in Firefox ESR 1158 Announced February 20, 2024 Impact high Products Firefox ESR Fixed in Firefox ESR 1158 ...

Mozilla Foundation Security Advisory 2024-05 Security Vulnerabilities fixed in Firefox 123 Announced February 20, 2024 Impact high Products Firefox Fixed in Firefox 123 ...

Mozilla Foundation Security Advisory 2024-07 Security Vulnerabilities fixed in Thunderbird 1158 Announced February 20, 2024 Impact high Products Thunderbird Fixed in Thunderbird 1158 ...

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286 https://www.mozilla.org/security/advisories/mfsa2024-05/https://www.mozilla.org/security/advisories/mfsa2024-06/https://www.mozilla.org/security/advisories/mfsa2024-07/https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2024-2477.html

CVE-2024-1553

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect