Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.
History

Wed, 06 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Mozilla thunderbird
Weaknesses CWE-787
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Vendors & Products Mozilla
Mozilla firefox
Mozilla thunderbird
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2024-07-09T14:26:01.065Z

Updated: 2024-11-06T14:46:20.795Z

Reserved: 2024-07-09T14:12:57.830Z

Link: CVE-2024-6615

cve-icon Vulnrichment

Updated: 2024-08-01T21:41:04.046Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-09T15:15:13.307

Modified: 2024-11-21T09:50:00.427

Link: CVE-2024-6615

cve-icon Redhat

No data.