Mozilla Products Multiple Vulnerabilities
Release Date: 30 Oct 2024
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, denial of service condition, sensitive information disclosure, remote code execution, security restriction bypass and spoofing on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Information Disclosure
- Remote Code Execution
- Security Restriction Bypass
- Spoofing
System / Technologies affected
Versions prior to:
- Firefox 132
- Firefox ESR 128.4
- Firefox ESR 115.17
- Thunderbird 128.4
- Thunderbird 132
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- Firefox 132
- Firefox ESR 128.4
- Firefox ESR 115.17
- Thunderbird 128.4
- Thunderbird 132
Vulnerability Identifier
- CVE-2024-10458
- CVE-2024-10459
- CVE-2024-10460
- CVE-2024-10461
- CVE-2024-10462
- CVE-2024-10463
- CVE-2024-10464
- CVE-2024-10465
- CVE-2024-10466
- CVE-2024-10467
- CVE-2024-10468
Source
Related Link
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-57/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-59/
沒有留言:
發佈留言