CVE-2024-9393 - Vulnerability Details

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Mozilla	Firefox Firefox Esr Thunderbird
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta2::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta3::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta4::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta5::::::
	cpe:2.3:a:mozilla:thunderbird:129.0:beta6::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7 Extended Lifecycle Support
firefox-0:128.3.0-1.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2024:7702	2024-10-07T00:00:00Z
Red Hat Enterprise Linux 8
thunderbird-0:128.3.0-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:7699	2024-10-07T00:00:00Z
firefox-0:128.3.0-1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:7700	2024-10-07T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
firefox-0:128.3.0-1.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2024:7646	2024-10-03T00:00:00Z
thunderbird-0:128.3.0-1.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2024:7856	2024-10-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
firefox-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2024:7703	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2024:7854	2024-10-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
firefox-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2024:7703	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2024:7854	2024-10-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
firefox-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2024:7703	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2024:7854	2024-10-09T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
firefox-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2024:7704	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2024:8169	2024-10-16T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
firefox-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2024:7704	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2024:8169	2024-10-16T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
firefox-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2024:7704	2024-10-07T00:00:00Z
thunderbird-0:128.3.0-1.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2024:8169	2024-10-16T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
firefox-0:128.3.0-1.el8_8	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:7842	2024-10-09T00:00:00Z
thunderbird-0:128.3.1-1.el8_8	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:8166	2024-10-16T00:00:00Z
Red Hat Enterprise Linux 9
firefox-0:128.3.0-1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:7505	2024-10-02T00:00:00Z
thunderbird-0:128.3.0-1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:7552	2024-10-02T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
firefox-0:128.3.0-1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:7621	2024-10-03T00:00:00Z
thunderbird-0:128.3.0-1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:7855	2024-10-09T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
firefox-0:128.3.0-1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:7622	2024-10-03T00:00:00Z
thunderbird-0:128.3.0-1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:7853	2024-10-09T00:00:00Z

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1918301
https://nvd.nist.gov/vuln/detail/CVE-2024-9393
https://www.cve.org/CVERecord?id=CVE-2024-9393
https://www.mozilla.org/security/advisories/mfsa2024-46/
https://www.mozilla.org/security/advisories/mfsa2024-47/
https://www.mozilla.org/security/advisories/mfsa2024-48/
https://www.mozilla.org/security/advisories/mfsa2024-49/
https://www.mozilla.org/security/advisories/mfsa2024-50/

History

Fri, 14 Mar 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 30 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-346

Fri, 11 Oct 2024 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mozilla Mozilla firefox Mozilla firefox Esr Mozilla thunderbird
Weaknesses		NVD-CWE-Other
CPEs		cpe:2.3:a:mozilla:firefox:::::::: cpe:2.3:a:mozilla:firefox_esr:::::::: cpe:2.3:a:mozilla:thunderbird:::::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta2:::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta3:::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta4:::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta5:::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta6:::::: cpe:2.3:a:mozilla:thunderbird:129.0:beta::::::
Vendors & Products		Mozilla Mozilla firefox Mozilla firefox Esr Mozilla thunderbird
Metrics	cvssV3_1 `{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L'}`	cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Thu, 10 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:8.8

Tue, 08 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Els Redhat rhel Tus
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Els Redhat rhel Tus

Fri, 04 Oct 2024 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:9.2
Vendors & Products		Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus

Thu, 03 Oct 2024 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Wed, 02 Oct 2024 01:15:00 +0000

Type	Values Removed	Values Added
Title		firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
Weaknesses		CWE-94
References		https://nvd.nist.gov/vuln/detail/CVE-2024-9393 https://www.cve.org/CVERecord?id=CVE-2024-9393
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L'}` threat_severity `Important`

Tue, 01 Oct 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 01 Oct 2024 15:30:00 +0000

Type	Values Removed	Values Added
Description		An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
References		https://bugzilla.mozilla.org/show_bug.cgi?id=1918301 https://www.mozilla.org/security/advisories/mfsa2024-46/ https://www.mozilla.org/security/advisories/mfsa2024-47/ https://www.mozilla.org/security/advisories/mfsa2024-48/ https://www.mozilla.org/security/advisories/mfsa2024-49/ https://www.mozilla.org/security/advisories/mfsa2024-50/

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2024-10-01T15:13:19.123Z

Updated: 2025-03-14T15:15:13.293Z

Reserved: 2024-10-01T06:10:06.764Z

Link: CVE-2024-9393

Vulnrichment

Updated: 2024-10-01T18:04:28.832Z

NVD

Status : Modified

Published: 2024-10-01T16:15:10.623

Modified: 2025-03-14T16:15:39.030

Link: CVE-2024-9393

Redhat

Severity : Important

Publid Date: 2024-10-01T15:13:19Z

Links: CVE-2024-9393 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9393", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2024-10-01T06:10:06.764Z", "datePublished": "2024-10-01T15:13:19.123Z", "dateUpdated": "2025-03-14T15:15:13.293Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "131", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "128.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "115.16", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "128.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "131", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131."}]}], "problemTypes": [{"descriptions": [{"description": "Cross-origin access to PDF contents through multipart responses", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918301"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "credits": [{"lang": "en", "value": "Masato Kinugawa"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-10-01T15:13:19.123Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-346", "lang": "en", "description": "CWE-346 Origin Validation Error"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-14T15:14:36.763792Z", "id": "CVE-2024-9393", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T15:15:13.293Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-9393", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-14T15:14:36.763792Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-346", "description": "CWE-346 Origin Validation Error"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T18:04:28.832Z"}}], "cna": {"credits": [{"lang": "en", "value": "Masato Kinugawa"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "131", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.3", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "115.16", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.3", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "131", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918301"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "supportingMedia": [{"type": "text/html", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Cross-origin access to PDF contents through multipart responses"}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-10-01T15:13:19.123Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9393", "state": "PUBLISHED", "dateUpdated": "2025-03-14T15:15:13.293Z", "dateReserved": "2024-10-01T06:10:06.764Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2024-10-01T15:13:19.123Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA47FFCA-3451-462C-8FFB-47143C65E65A", "versionEndExcluding": "131.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE98FB6E-21A3-4917-8806-09D3AF4FB876", "versionEndExcluding": "115.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAB84369-2EC9-42EC-A9BF-95A3EB9925C1", "versionEndExcluding": "128.3.0", "versionStartIncluding": "116.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B27464A-8C97-4D45-B7BE-CD1E3EA1DFD6", "versionEndExcluding": "128.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta:*:*:*:*:*:*", "matchCriteriaId": "1CF643F7-C722-44F1-827C-3974B45A3D0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "963ACFD6-B12A-4A66-A539-FD156C6F5220", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "B9E39014-2E8F-4E19-9575-978AB56E451A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "28752A54-6016-4F6E-983B-CB54FEA19E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "DA46E15E-0C2B-4F6E-8BA3-B7CB32C58D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "90AD96F8-A88B-4B70-A4D2-CD7637DF239A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131."}, {"lang": "es", "value": "Un atacante podr\u00eda, mediante una respuesta de varias partes especialmente manipulada, ejecutar c\u00f3digo JavaScript arbitrario bajo el origen `resource://pdf.js`. Esto podr\u00eda permitirle acceder a contenido PDF de origen cruzado. Este acceso est\u00e1 limitado a documentos del \"mismo sitio\" por la funci\u00f3n de aislamiento de sitios en los clientes de escritorio, pero el acceso completo de origen cruzado es posible en las versiones de Android. Esta vulnerabilidad afecta a Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3 y Thunderbird < 131."}], "id": "CVE-2024-9393", "lastModified": "2025-03-14T16:15:39.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-10-01T16:15:10.623", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918301"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-346"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7702", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.3.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7699", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.3.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7700", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.3.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7646", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.3.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7856", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.3.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7842", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "firefox-0:128.3.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:8166", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "thunderbird-0:128.3.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7505", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.3.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7552", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.3.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7621", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.3.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7855", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.3.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7622", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "firefox-0:128.3.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7853", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "thunderbird-0:128.3.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-09T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: Cross-origin access to PDF contents through multipart responses", "id": "2315956", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315956"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "status": "verified"}, "cwe": "CWE-94", "details": ["An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions."], "name": "CVE-2024-9393", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-10-01T15:13:19Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-9393\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-9393\nhttps://www.mozilla.org/security/advisories/mfsa2024-47/\nhttps://www.mozilla.org/security/advisories/mfsa2024-48/\nhttps://www.mozilla.org/security/advisories/mfsa2024-49/\nhttps://www.mozilla.org/security/advisories/mfsa2024-50/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Important"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object