CNVD-2024-12550 — Vulnetix

CNVD-2024-12550 PUBLISHED CVSS 8.100000381469727 HIGH

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在代码执行漏洞，攻击者可利用该漏洞使用未知的攻击向量在易受攻击的系统上执行任意代码或导致拒绝服务。

Risk Scores

CVSS 3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
mozilla	firefox_esr	0
Mozilla	Firefox ESR	unspecified
Mozilla	Thunderbird	unspecified
mozilla	firefox	0
debian	debian_linux	10.0
Mozilla	Firefox	unspecified
mozilla	thunderbird	0

Exploit Intelligence

CIRCL seen: CVE-2024-1553 (circl-sighting)
CIRCL seen: CVE-2024-1553 (circl-sighting)
CIRCL seen: CVE-2024-1553 (circl-sighting)
CIRCL seen: CVE-2024-1553 (circl-sighting)
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (circl)
https://www.mozilla.org/security/advisories/mfsa2024-05/ (circl)
https://www.mozilla.org/security/advisories/mfsa2024-06/ (circl)
https://www.mozilla.org/security/advisories/mfsa2024-07/ (circl)
https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html (circl)
https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html (circl)

Timeline

Feb 20, 2024 CVE Published
Feb 20, 2024 PoC Published
Feb 21, 2024 PoC Published
Mar 1, 2024 CVE ID Reserved
Mar 8, 2024 PoC Published
Mar 8, 2024 PoC Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›