Mozilla Firefox Vulnerability Could Lead to Code Execution or Crash

CVE-2024-2612

Currently unrated 🤨

Key Information

Vendor: Mozilla
Status: Firefox; Firefox Esr; Thunderbird
Vendor: Published:; 19 March 2024

Summary

If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Affected Version(s)

Firefox < 124

Firefox ESR < 115.9

Thunderbird < 115.9

Timeline

Vulnerability published.
Mar 19, 2024
Vulnerability Reserved.
Mar 18, 2024

Collectors

NVD DatabaseMitre Database

Credit

Ronald Crane