A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write This vulnerability affects Firefox < 124, Firefox ESR < 1159, and Thunderbird < 1159 (CVE-2024-2608)
Using a markup in ...
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write This vulnerability affects Firefox < 124, Firefox ESR < 1159, and Thunderbird < 1159 (CVE-2024-2608)
Using a markup in ...
Mozilla Foundation Security Advisory 2024-14
Security Vulnerabilities fixed in Thunderbird 1159
Announced
March 19, 2024
Impact
high
Products
Thunderbird
Fixed in
Thunderbird 1159
...
Mozilla Foundation Security Advisory 2024-13
Security Vulnerabilities fixed in Firefox ESR 1159
Announced
March 19, 2024
Impact
high
Products
Firefox ESR
Fixed in
Firefox ESR 1159
...
Mozilla Foundation Security Advisory 2024-12
Security Vulnerabilities fixed in Firefox 124
Announced
March 19, 2024
Impact
high
Products
Firefox
Fixed in
Firefox 124
...