CVE-2024-5702 | THREATINT

Description

Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.

PUBLISHED Reserved 2024-06-06 | Published 2024-06-11 | Updated 2024-08-12 | Assigner mozilla

Problem types

Use-after-free in networking

Product status

Any version before 125

affected

Any version before 115.12

affected

Any version before 115.12

affected

Credits

Kershaw Chang

References

bugzilla.mozilla.org/show_bug.cgi?id=1193389

lists.debian.org/debian-lts-announce/2024/06/msg00000.html

lists.debian.org/debian-lts-announce/2024/06/msg00010.html

www.mozilla.org/security/advisories/mfsa2024-18/

www.mozilla.org/security/advisories/mfsa2024-26/

www.mozilla.org/security/advisories/mfsa2024-28/

cve.org (CVE-2024-5702)

nvd.nist.gov (CVE-2024-5702)

Download JSON