Mozilla Products Remote Code Execution Vulnerability

Last Update Date: 14 Oct 2024 Release Date: 10 Oct 2024 3687 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Clients - Browsers

TYPE: Browsers

A vulnerability was identified in Mozilla Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

[Updated on 2024-10-14]

Updated System / Technologies affected, Solutions and Related Links.

 

Note:

Exploit in the wild has been detected for CVE-2024-9680, an attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines of Mozilla products.

Impact

  • Remote Code Execution

System / Technologies affected

Versions prior to:

 

  • Firefox 131.0.2
  • Firefox ESR 115.16.1
  • Firefox ESR 128.3.1
  • Thunderbird 115.16
  • Thunderbird 128.3.1
  • Thunderbird 131.0.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • Firefox 131.0.2
  • Firefox ESR 115.16.1
  • Firefox ESR 128.3.1
  • Thunderbird 115.16
  • Thunderbird 128.3.1
  • Thunderbird 131.0.1

Vulnerability Identifier

Source

Related Link

Related Tags

MozillaFirefoxThunderbirdRemote Code Execution

Share with

Previous

Ivanti Products Remote Code Execution Vulnerability

10 Oct 2024 3401 Views

Next

Microsoft Edge Multiple Vulnerabilities

14 Oct 2024 2697 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY