Multiple vulnerabilities in Mozilla Firefox

Описание

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, perform cross-site scripting attack, spoof user interface, bypass security restrictions, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Corrupt pointer dereference vulnerability in js::CheckTracedThing can be exploited to cause denial of service
2. Denial of service vulnerability in HTTP/2 can be exploited remotely to cause denial of service.
3. Integer overflow vulnerability in OpenType sanitizer can be exploited to cause denial of service.
4. Out of bounds memory read in MSubstr can be exploited to cause denial of service.
5. Memory safety vulnerability can be exploited to execute arbitrary code.
6. Use after free vulnerability can be exploited to cause denial of service or execute arbitrary code.
7. Use of uninitialized memory vulnerability in MarkStack assignment operator can be exploited to cause denial of service or execute arbitrary code.
8. Out of bounds memory read can be exploited to cause denial of service.
9. Use after free vulnerability in WASM garbage collection can be exploited to cause denial of service or execute arbitrary code.
10. Information disclosure vulnerability in GetBoundName can be exploited to obtain sensitive information.
11. Security vulnerability can be exploited to bypass security restrictions.
12. Out of memory conditions vulnerability can be exploited to cause denial of service.
13. Use after free vulnerability in networking can be exploited to cause denial of service or execute arbitrary code.

Первичный источник обнаружения

• MFSA2024-18
  

Связанные продукты

• Mozilla-Firefox

Список CVE

• CVE-2024-3858
  warning
• CVE-2024-3302
  warning
• CVE-2024-3859
  warning
• CVE-2024-3855
  warning
• CVE-2024-3864
  warning
• CVE-2024-3861
  warning
• CVE-2024-3862
  warning
• CVE-2024-3853
  warning
• CVE-2024-3857
  warning
• CVE-2024-3854
  warning
• CVE-2024-3856
  warning
• CVE-2024-3852
  warning
• CVE-2024-3863
  warning
• CVE-2024-3860
  warning
• CVE-2024-3865
  warning
• CVE-2024-5702
  unknown

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com