Lucene search
MozillaVULNRICHMENT:CVE-2024-7652HistorySep 06, 2024 - 6:18 p.m.
CVE-2024-7652
2024-09-0618:18:28
mozilla
github.com
17
ecma-262 async generators memorycorruption exploitablecrash firefoxthunderbird
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"
],
"vendor": "mozilla",
"product": "firefox_esr",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "115.13",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"
],
"vendor": "mozilla",
"product": "firefox",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "128",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"
],
"vendor": "mozilla",
"product": "thunderbird",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "115.13",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"lessThan": "128",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]References
Related
nvd
nvd
CVE-2024-7652
2024-09-06 19:15:12
CVE-2024-43357
2024-08-15 19:15:20
nessus
nessus
FreeBSD : firefox -- Potential memory corruption and exploitable crash (7ade3c38-6d1f-11ef-ae11-b42e991fc52e)
2024-09-08 00:00:00
RHEL 9 : thunderbird (RHSA-2024:6720)
2024-09-17 00:00:00
RHEL 9 : thunderbird (RHSA-2024:6722)
2024-09-17 00:00:00
cvelist
cvelist
CVE-2024-7652
2024-09-06 18:18:28
freebsd
freebsd
firefox -- Potential memory corruption and exploitable crash
2024-09-06 00:00:00
debiancve
debiancve
CVE-2024-7652
2024-09-06 19:15:12
redhatcve
redhatcve
CVE-2024-7652
2024-09-06 21:41:00
redos
redos
ROS-20240909-01
2024-09-09 00:00:00
cve
cve
CVE-2024-7652
2024-09-06 19:15:12
CVE-2024-43357
2024-08-15 19:15:20
vulnrichment
vulnrichment
osv
osv
CVE-2024-43367
2024-08-15 21:15:17
CVE-2024-7652
2024-09-06 19:15:12
openvas
openvas
Debian: Security Advisory (DSA-5733-1)
2024-07-19 00:00:00
Debian: Security Advisory (DSA-5727-1)
2024-07-11 00:00:00
kaspersky
kaspersky
KLA70479 Multiple vulnerabilities in Mozilla Thunderbird
2024-07-15 00:00:00
KLA70405 Multiple vulnerabilities in Mozilla Firefox ESR
2024-07-09 00:00:00
KLA70478 Multiple vulnerabilities in Mozilla Thunderbird
2024-07-11 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.13 — Mozilla
2024-07-09 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.13 — Mozilla
2024-07-15 00:00:00
Security Vulnerabilities fixed in Thunderbird 128 — Mozilla
2024-07-11 00:00:00
oraclelinux
oraclelinux
firefox security update
2024-09-18 00:00:00
thunderbird security update
2024-09-18 00:00:00
thunderbird security update
2024-09-18 00:00:00
redhat
redhat
(RHSA-2024:6723) Important: thunderbird security update
2024-09-17 11:09:33
(RHSA-2024:6684) Important: thunderbird security update
2024-09-16 11:11:18
(RHSA-2024:6721) Important: thunderbird security update
2024-09-17 11:09:20
rocky
rocky
firefox security update
2024-09-17 00:54:54
thunderbird security update
2024-09-17 00:54:54
EPSS
0
Percentile
10.9%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-7652