CVE-2024-1556Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CWE-754Improper Check for Unusual or Exceptional Conditions12 documents9 sources
Severity
6.5MEDIUMNVD
OSV7.5
EPSS
0.3%
top 46.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedFeb 20
Latest updateMar 6

Description

The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5mozilla/firefoxunspecified123
NVDmozilla/firefox< 123.0
Ubuntumozilla/firefox< 123.0+build3-0ubuntu0.20.04.1+1

🔴Vulnerability Details

5
OSV
firefox regressions2024-03-06
OSV
firefox vulnerabilities2024-02-22
CVEList
CVE-2024-1556: The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior2024-02-20
GHSA
GHSA-wp8h-p32h-fwvc: The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior2024-02-20
OSV
CVE-2024-1556: The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior2024-02-20

📋Vendor Advisories

5
Ubuntu
Firefox regressions2024-03-06
Ubuntu
Firefox vulnerabilities2024-02-22
Microsoft
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profil2024-02-13
Debian
CVE-2024-1556: firefox - The incorrect object was checked for NULL in the built-in profiler, potentially ...2024
Mozilla
Mozilla Foundation Security Advisory 2024-05: CVE-2024-1556
CVE-2024-1556 — Mozilla Firefox vulnerability | cvebase