Уязвимость CVE-2024-2608

Пакет	Статус	Версия исправления	Тип
firefox	fixed	124.0-1	package
firefox-esr	fixed	115.9.0esr-1	package
thunderbird	fixed	1:115.9.0-1	package

CVE-2024-2608

CVSS3: 8.4

ubuntu

больше 1 года назад

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVE-2024-2608

CVSS3: 7.5

redhat

больше 1 года назад

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVE-2024-2608

CVSS3: 8.4

nvd

больше 1 года назад

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

GHSA-9crf-rxmh-772m

CVSS3: 8.4

github

больше 1 года назад

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

BDU:2024-02316

CVSS3: 8.8

fstec

больше 1 года назад

Уязвимость функций AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() и AppendEncodedCharacters() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код

exploitDog

CVE-2024-2608

Описание

Пакеты

Примечания

Связанные уязвимости