11 matches found
A Pwn2Own SpiderMonkey JIT Bug
A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE. This repository contains proof of concept, exploit, and analysis slide for CVE-2024-29943...
Fedora 40 : firefox (2024-8b5bd4ad5f)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8b5bd4ad5f advisory. - New upstream version 124.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
Ubuntu: Security Advisory (USN-6710-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6710-1: Firefox vulnerabilities
Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. CVE-2024-29943 Manfred Paul discovered that Firefox incorrectly...
Mozilla Firefox Security Update (MFSA2024-15) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox Security Update (MFSA2024-15) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2024-29943
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination...
CVE-2024-29943
CVE-2024-29943 is a Firefox vulnerability: an attacker could perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. Affected product: Mozilla Firefox versions earlier than 124.0.1 (desktop; ESR has separate fixes). The root cause is an incor...
Mozilla Firefox < 124.0.1
The version of Firefox installed on the remote Windows host is prior to 124.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-15 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...
KLA65256 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Remote code execution vulnerability can be exploited remotely to execute arbitrary code. 2...
Mozilla Firefox < 124.0.1
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 124.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-15 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary...