Aug 28, 2024 - 12:00 a.m.

ROS-20240828-03

2024-08-28 00:00:00
redos.red-soft.ru
9
mozilla firefox; firefox esr; thunderbird; exception handling; buffer overflow; memory corruption; remote code execution; information disclosure; content security policy; data type errors; date picker vulnerability; unix

CVSS3: 9.6
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score: 7.4
Confidence: High

EPSS: 0.001
Percentile: 36.6%

A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to
improper handling of exceptional conditions. Exploitation of the vulnerability could allow
a remote attacker to use memory after it has been freed.

A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to
attribute value validation errors. Exploitation of the vulnerability could allow a remote attacker
to gain access to confidential information.

A vulnerability in the handling of CKM_CHACHA20 in the Mozilla Firefox and Firefox ESR browsers is related to
a possible buffer overflow in dynamic (heap) memory. Exploitation of the vulnerability could allow a remote
attacker to gain access to protected information by calling PK11_Encrypt().

A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to
the creation of a StreamFilter that can be used to read and modify requests. Exploitation
of the vulnerability could allow a remote attacker to affect the integrity of the system.

A vulnerability in the ANGLE library of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client
is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to
disclose protected information.

A vulnerability in the Garbage Collector component of Mozilla Firefox, Firefox ESR and the
Thunderbird email client is related to the use of memory after it has been freed. Exploitation
of the vulnerability could allow a remote attacker to execute arbitrary code.

A vulnerability in the Content Security Policy handler component of Mozilla Firefox, Mozilla Firefox ESR and
the Mozilla Thunderbird email client is related to failure to take measures to protect the structure of a web page.
Exploitation of the vulnerability could allow a remote attacker to conduct an XSS attack by
HTML element injection.

A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to
data type mixing errors. Exploitation of the vulnerability could allow a remote attacker
to escape an isolated program environment.

A vulnerability in the Date Picker of the Mozilla Firefox and Firefox ESR browsers is related to
errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow
a remote attacker to grant arbitrary permissions and gain unauthorized access to
data or functions.

OS      Version   Architecture   Package   Version        Filename
redos   7.3       x86_64         firefox   < 115.14.0-1   UNKNOWN
