Description
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
- Corrupt pointer dereference vulnerability in js::CheckTracedThing can be exploited to cause denial of service
- Denial of service vulnerability in HTTP/2 can be exploited remotely to cause denial of service.
- Integer overflow vulnerability in OpenType sanitizer can be exploited to cause denial of service.
- Out of bounds memory read in MSubstr can be exploited to cause denial of service.
- Memory safety vulnerability can be exploited to execute arbitrary code.
- Use after free vulnerability can be exploited to cause denial of service or execute arbitrary code.
- Use of uninitialized memory vulnerability in MarkStack assignment operator can be exploited to cause denial of service or execute arbitrary code.
- Out of bounds memory read can be exploited to cause denial of service.
- Use after free vulnerability in WASM garbage collection can be exploited to cause denial of service or execute arbitrary code.
- Information disclosure vulnerability in GetBoundName can be exploited to obtain sensitive information.
- Security vulnerability can be exploited to bypass security restrictions.
- Out of memory conditions vulnerability can be exploited to cause denial of service.
Original advisories
Related products
CVE list
- CVE-2024-3858 unknown
- CVE-2024-3302 unknown
- CVE-2024-3859 unknown
- CVE-2024-3855 unknown
- CVE-2024-3864 unknown
- CVE-2024-3861 unknown
- CVE-2024-3862 unknown
- CVE-2024-3853 unknown
- CVE-2024-3857 unknown
- CVE-2024-3854 unknown
- CVE-2024-3856 unknown
- CVE-2024-3852 unknown
- CVE-2024-3863 unknown
- CVE-2024-3860 unknown
- CVE-2024-3865 unknown
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!