Mozilla Firefox Remote Code Execution Vulnerability
Release Date: 10 Oct 2024
RISK: Extremely High Risk
TYPE: Clients - Browsers
A vulnerability was identified in Mozilla Firefox. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
Exploit in the wild has been detected for CVE-2024-9680, an attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines of Mozilla products.
Impact
- Remote Code Execution
System / Technologies affected
Versions prior to:
- Firefox 131.0.2
- Firefox ESR 115.16.1
- Firefox ESR 128.3.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 131.0.2
- Firefox ESR 115.16.1
- Firefox ESR 128.3.1
沒有留言:
發佈留言