Out-of-bounds Read/Write Vulnerability Affects Firefox
Key Information
- Vendor
- Mozilla
- Status
- Firefox
- Vendor
- CVE Published:
- 22 March 2024
Badges
Summary
The vulnerability CVE-2024-29943 affects Firefox, allowing attackers to perform an out-of-bounds read or write on a JavaScript object, enabling remote code execution and sandbox escape. The flaw was exploited during the Pwn2Own Vancouver 2024 hacking competition and affected Firefox versions before 124.0.1. Mozilla has since released security updates to address this vulnerability, but it is imperative for users to promptly update their web browsers to mitigate the risk of potential remote code execution attacks.
Affected Version(s)
Firefox < 124.0.1
News Articles
unSafe.sh CVE-2024-29943CVE-2024-29944Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
8 months ago
Security Affairs CVE-2024-29943CVE-2024-29944Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during the Pwn2Own Vancouver 2024.
8 months ago
The Register CVE-2024-29943Mozilla fixes $100,000 Firefox zero-days from Pwn2Own event
Mozilla has swiftly patched a pair of critical Firefox zero-days after a researcher debuted them at a Vancouver cybersec competition. Manfred Paul demonstrated the bugs at Pwn2Own last week, the latest in the...
8 months ago
Timeline
- 👾
Exploit exists.
First article discovered by Beeping Computers
Vulnerability published.
Vulnerability Reserved.