Lucene search
MozillaCVELIST:CVE-2024-8383HistorySep 03, 2024 - 12:32 p.m.
CVE-2024-8383
2024-09-0312:32:18
mozilla
www.cve.org
3
firefox
vulnerability
website
untrusted applications
usenet-related schemes
EPSS
0.001
Percentile
22.6%
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don’t have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "130",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "128.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-8383
2024-09-03 13:15:05
redhatcve
redhatcve
CVE-2024-8383
2024-09-03 15:43:07
nvd
nvd
CVE-2024-8383
2024-09-03 13:15:05
debiancve
debiancve
CVE-2024-8383
2024-09-03 13:15:05
alpinelinux
alpinelinux
CVE-2024-8383
2024-09-03 13:15:05
vulnrichment
vulnrichment
CVE-2024-8383
2024-09-03 12:32:18
osv
osv
CVE-2024-8383
2024-09-03 13:15:05
thunderbird - security update
2024-09-09 00:00:00
firefox-esr - security update
2024-09-04 00:00:00
kaspersky
kaspersky
KLA73123 Multiple vulnerabilities in Mozilla Firefox ESR
2024-09-03 00:00:00
KLA73124 Multiple vulnerabilities in Mozilla Firefox ESR
2024-09-03 00:00:00
KLA73122 Multiple vulnerabilities in Mozilla Firefox
2024-09-03 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3869-1)
2024-09-05 00:00:00
Debian: Security Advisory (DSA-5767-1)
2024-09-09 00:00:00
Debian: Security Advisory (DLA-3882-1)
2024-09-09 00:00:00
nessus
nessus
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2024-247-01)
2024-09-03 00:00:00
Mozilla Firefox ESR < 115.15
2024-09-03 00:00:00
Debian dsa-5765 : firefox-esr - security update
2024-09-04 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.15 — Mozilla
2024-09-03 00:00:00
Security Vulnerabilities fixed in Firefox ESR 128.2 — Mozilla
2024-09-03 00:00:00
Security Vulnerabilities fixed in Firefox 130 — Mozilla
2024-09-03 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-09-03 21:15:31
oraclelinux
oraclelinux
firefox security update
2024-09-18 00:00:00
firefox security update
2024-09-18 00:00:00
rocky
rocky
firefox security update
2024-09-17 00:54:54
redhat
redhat
(RHSA-2024:6838) Important: firefox update
2024-09-19 11:08:53
(RHSA-2024:6682) Important: firefox security update
2024-09-16 11:09:22
(RHSA-2024:6681) Important: firefox security update
2024-09-16 11:08:52
ubuntu
ubuntu
Firefox vulnerabilities
2024-09-05 00:00:00
freebsd
freebsd
firefox -- multiple vulnerabilities
2024-09-03 00:00:00