Kaspersky ID:
KLA73802
Detect Date:
10/01/2024
Updated:
10/03/2024

Description

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, perform cross-site scripting attack, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Security UI vulnerability can be exploited to spoof user interface.
  2. Validation of untrusted input vulnerability in new tab page can be exploited to bypass security restrictions.
  3. Security UI vulnerability for Android can be exploited to spoof user interface.
  4. Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
  5. Memory safety vulnerability can be exploited to execute arbitrary code.
  6. Memory corruption vulnerability can be exploited to cause a denial of service.
  7. Cross-site scripting (XSS) vulnerability for Android can be exploited to perform cross-site scripting attack.
  8. Type confusion vulnerability in WebTransport can be exploited to cause denial of service.
  9. Memory corruption vulnerability that occurs when reading from memory at a specific point during JIT compilation can be exploited to cause a denial of service.

Original advisories

Related products

CVE list

  • CVE-2024-9397
    unknown
  • CVE-2024-9398
    unknown
  • CVE-2024-9395
    unknown
  • CVE-2024-9392
    unknown
  • CVE-2024-9402
    unknown
  • CVE-2024-9396
    unknown
  • CVE-2024-9403
    unknown
  • CVE-2024-9391
    unknown
  • CVE-2024-9399
    unknown
  • CVE-2024-9393
    unknown
  • CVE-2024-9401
    unknown
  • CVE-2024-9394
    unknown
  • CVE-2024-9400
    unknown

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.