CVE-2024-29943 — Vulnetix

CVE-2024-29943 PUBLISHED

Es bestehen mehrere Schwachstellen in Mozilla Firefox und Mozilla Firefox ESR. Diese Fehler bestehen in den Event Handlern und in den Komponenten der Bereichsanalyse aufgrund eines Out-of-bounds-Read oder einer unsachgemäßen Neutralisierung von Benutzereingaben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

EPSS 53.86% · 98.0th percentile

Risk Scores

EPSS Score

53.86%

98.0th percentile

Affected Products

Vendor	Product	Versions
Gentoo	Gentoo Linux
Amazon	Amazon Linux 2
SUSE	SUSE openSUSE
Oracle	Oracle Linux
Mozilla	Mozilla Firefox ESR <115.9.1
IGEL	IGEL OS 11
Ubuntu	Ubuntu Linux
Fedora	Fedora Linux
SUSE	SUSE Linux
IGEL	IGEL OS 12
Red Hat	Red Hat Enterprise Linux
Mozilla	Mozilla Firefox <124.0.1
RESF	RESF Rocky Linux
Debian	Debian Linux

Timeline

Mar 22, 2024 CVE Published
Mar 23, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Feb 13, 2025 CVE Updated
Mar 17, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Mar 27, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Apr 1, 2025 Coalition ESS Score
Apr 2, 2025 EPSS Score
Apr 15, 2025 EPSS Score
May 9, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0703.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0703 advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/ advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/ advisory
https://www.cybersecurity-help.cz/vdb/SB2024032528 advisory
https://www.cybersecurity-help.cz/vdb/SB2024032529 advisory
https://access.redhat.com/errata/RHSA-2024:1487 advisory
https://access.redhat.com/errata/RHSA-2024:1483 advisory
https://access.redhat.com/errata/RHSA-2024:1490 advisory
https://access.redhat.com/errata/RHSA-2024:1491 advisory
https://access.redhat.com/errata/RHSA-2024:1485 advisory
https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html advisory
https://access.redhat.com/errata/RHSA-2024:1486 advisory
https://access.redhat.com/errata/RHSA-2024:1488 advisory
https://access.redhat.com/errata/RHSA-2024:1484 advisory
https://access.redhat.com/errata/RHSA-2024:1489 advisory
https://linux.oracle.com/errata/ELSA-2024-1486.html advisory
https://linux.oracle.com/errata/ELSA-2024-1485.html advisory
https://errata.build.resf.org/RLSA-2024:1484 advisory
https://kb.igel.com/securitysafety/en/isn-2024-08-firefox-esr-vulnerabilities-119870266.html advisory

…and 8 more

Open in Interactive Console →