CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
If the browser.privatebrowsing.autostart
preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
bugzilla.mozilla.org/show_bug.cgi?id=1878577
ubuntu.com/security/CVE-2024-4767
ubuntu.com/security/notices/USN-6779-1
ubuntu.com/security/notices/USN-6782-1
www.cve.org/CVERecord?id=CVE-2024-4767
www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4767
www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4767
www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4767
www.mozilla.org/security/advisories/mfsa2024-21/
www.mozilla.org/security/advisories/mfsa2024-22/
www.mozilla.org/security/advisories/mfsa2024-23/