An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox.

Affected configurations

Vulners

Node

mozillafirefox_esrRange<115.9.1

CPENameOperatorVersion
firefox esrlt115.9.1

CPE	Name	Operator	Version
	firefox esr	lt	115.9.1

References

bugzilla.mozilla.org/show_bug.cgi?id=1886852

openvas 14

nessus 30

cve 1

debiancve 1

debian 2

redhatcve 1

slackware 1

veracode 1

ubuntucve 1

kaspersky 2

nvd 1

osv 7

alpinelinux 1

cgr 1

cvelist 1

zdi 1

mozilla 1

ubuntu 2

malwarebytes 1

redhat 9

mageia 1

centos 1

oraclelinux 3

almalinux 2

rocky 1

openvas

Debian: Security Advisory (DSA-5645-1)

2024-03-25 00:00:00

Mozilla Firefox ESR Security Update (mfsa_2024-16) - Mac OS X

2024-03-25 00:00:00

Slackware: Security Advisory (SSA:2024-083-01)

2024-03-25 00:00:00

nessus

Mozilla Firefox ESR < 115.9.1

2024-03-22 00:00:00

Mozilla Firefox ESR < 115.9.1

2024-03-22 00:00:00

Debian dsa-5645 : firefox-esr - security update

2024-03-23 00:00:00

cve

CVE-2024-29944

2024-03-22 13:15:07

debiancve

CVE-2024-29944

2024-03-22 13:15:07

debian

[SECURITY] [DSA 5645-1] firefox-esr security update

2024-03-23 20:10:40

[SECURITY] [DLA 3775-1] firefox-esr security update

2024-03-25 15:40:17

redhatcve

CVE-2024-29944

2024-03-22 14:13:32

slackware

[slackware-security] mozilla-firefox

2024-03-23 19:41:05

veracode

Privilege Escalation

2024-03-24 12:13:55

ubuntucve

CVE-2024-29944

2024-03-22 00:00:00

kaspersky

KLA65257 ACE vulnerability in Mozilla Firefox ESR

2024-03-22 00:00:00

KLA65256 Multiple vulnerabilities in Mozilla Firefox

2024-03-22 00:00:00

nvd

CVE-2024-29944

2024-03-22 13:15:07

osv

firefox-esr - security update

2024-03-23 00:00:00

firefox regressions

2024-04-04 01:36:16

firefox vulnerabilities

2024-03-25 01:38:21

alpinelinux

CVE-2024-29944

2024-03-22 13:15:07

cgr

CVE-2024-29944 vulnerabilities

2024-05-19 03:07:16

cvelist

CVE-2024-29944

2024-03-22 12:55:40

zdi

(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability

2024-06-12 00:00:00

mozilla

Security Vulnerabilities fixed in Firefox 124.0.1 — Mozilla

2024-03-22 00:00:00

ubuntu

Firefox vulnerabilities

2024-03-25 00:00:00

Firefox regressions

2024-04-04 00:00:00

malwarebytes

Patch now: Mozilla patches two critical vulnerabilities in Firefox

2024-03-26 14:09:18

redhat

(RHSA-2024:1488) Critical: firefox security update

2024-03-25 18:21:05

(RHSA-2024:1486) Critical: firefox security update

2024-03-25 18:20:50

(RHSA-2024:1485) Critical: firefox security update

2024-03-25 18:20:43

mageia

Updated nss firefox, nss packages fix security vulnerabilities

2024-03-27 22:24:13

centos

firefox security update

2024-04-03 14:00:43

oraclelinux

firefox security update

2024-03-26 00:00:00

firefox security update

2024-03-26 00:00:00

firefox security update

2024-03-26 00:00:00

almalinux

Critical: firefox security update

2024-03-25 00:00:00

Critical: firefox security update

2024-03-25 00:00:00

rocky

firefox security update

2024-03-27 04:34:32

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

16.0%

JSON

Related for MFSA2024-16