2024年10月10日星期四

Mozilla Firefox Remote Code Execution Vulnerability

Release Date: 10 Oct 2024

RISK: Extremely High Risk

TYPE: Clients - Browsers

A vulnerability was identified in Mozilla Firefox. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

Exploit in the wild has been detected for CVE-2024-9680, an attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines of Mozilla products.

Impact

  • Remote Code Execution

System / Technologies affected

Versions prior to:

 

  • Firefox 131.0.2
  • Firefox ESR 115.16.1
  • Firefox ESR 128.3.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

  • Firefox 131.0.2
  • Firefox ESR 115.16.1
  • Firefox ESR 128.3.1

Vulnerability Identifier

Source

Related Link

沒有留言:

發佈留言

訂閱: 發佈留言 (Atom)

GitLab 多個漏洞

GitLab 多個漏洞 發佈日期: 2026年06月25日 風險: 中度風險 類型: 伺服器 - 其他伺服器 於 GitLab 發現多個漏洞。遠...