mickmick.net

Mozilla Products Multiple Vulnerabilities

Release Date: 20 Mar 2024

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

---

Impact

• Denial of Service
• Remote Code Execution
• Security Restriction Bypass
• Spoofing
• Information Disclosure
• Data Manipulation

---

System / Technologies affected

Versions prior to:

 

• Firefox ESR 115.9
• Firefox 124
• Thunderbird 115.9

 

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Firefox ESR 115.9
• Firefox 124
• Thunderbird 115.9

---

Vulnerability Identifier

• CVE-2023-5388
• CVE-2024-0743
• CVE-2024-2605
• CVE-2024-2606
• CVE-2024-2607
• CVE-2024-2608
• CVE-2024-2609
• CVE-2024-2610
• CVE-2024-2611
• CVE-2024-2612
• CVE-2024-2613
• CVE-2024-2614
• CVE-2024-2615
• CVE-2024-2616

---

Source

• Mozilla

---

Related Link

• https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/