CVE-2024-1552
Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen in mehreren Funktionen und Modulen aufgrund mehrerer sicherheitsrelevanter Probleme, wie z. B. Lesen von Out-of-Bounds-Speicher, Cache Poisoning, ungültiger Speicherzugriff oder falsche Codegenerierung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen oder einen nicht spezifizierten Angriff durchzuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.28% · 52.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| Mozilla | Mozilla Firefox ESR <115.8 | |
| Mozilla | Mozilla Firefox <123 | |
| SUSE | SUSE openSUSE | |
| RESF | RESF Rocky Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| SUSE | SUSE Linux | |
| Gentoo | Gentoo Linux | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Open Source | Open Source CentOS | |
| Mozilla | Mozilla Thunderbird <115.8 | |
| Amazon | Amazon Linux 2 | |
| IGEL | IGEL OS 12 | |
| Fedora | Fedora Linux | |
| IGEL | IGEL OS 11 | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux |
Timeline
- Feb 20, 2024 CVE Published
- Feb 21, 2024 EPSS Score
- Mar 19, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 3, 2024 EPSS Score
- Jul 30, 2024 EPSS Score
- Aug 30, 2024 EPSS Score
- Sep 26, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Dec 12, 2024 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0443.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0443 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-05 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-06 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-07 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00034.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017979.html advisory
- https://ubuntu.com/security/notices/USN-6649-1 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-81863a1613 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-5361211b10 advisory
- https://access.redhat.com/errata/RHSA-2024:0952 advisory
- https://access.redhat.com/errata/RHSA-2024:0970 advisory
- https://linux.oracle.com/errata/ELSA-2024-0952.html advisory
- https://access.redhat.com/errata/RHSA-2024:0972 advisory
- https://access.redhat.com/errata/RHSA-2024:0955 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00037.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/018005.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/018006.html advisory
- https://access.redhat.com/errata/RHSA-2024:0957 advisory
- https://access.redhat.com/errata/RHSA-2024:0958 advisory
…and 36 more