CVE-2024-5688: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox <…

CVE-2024-5693 [HIGH] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-5689, CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5700, CVE-2024-5701) Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-5688) Lukas Bernhard discovered that Firefox did not properly manage memory in the JavaScript en

CVE-2024-5688 [HIGH] Thunderbird vulnerabilities Title: Thunderbird vulnerabilities Summary: Several security issues were fixed in Thunderbird. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2024-5688, CVE-2024-5690, CVE-2024-5696, CVE-2024-5700, CVE-2024-5702) Luan Herrera discovered that Thunderbird did not properly validate the X-Frame-Options header inside sandboxed iframe. An attacker could potentially exploit this issue to bypass sandbox restrictions to open a new window. (CVE-2024-5691) Kirtikumar Anandrao Ramchandani discovered that Thunderbird did

CVE-2024-5688 [HIGH] CWE-416 Mozilla: Use-after-free in JavaScript object transplant Mozilla: Use-after-free in JavaScript object transplant If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. The Mozilla Foundation Security Advisory describes this flaw as: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package: firefox (Red Hat Enterprise Linux 6) - Out of support scope Package: thunderbird (Red Hat Enterprise Linux 6) - Out of support scope

CVE-2024-5688 [HIGH] CVE-2024-5688: firefox - If a garbage collection was triggered at the right time, a use-after-free could ... If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. Scope: local sid: resolved (fixed in 127.0-1)

CVE-2024-5688 [HIGH] Mozilla Foundation Security Advisory 2024-26: CVE-2024-5688 Mozilla Foundation Security Advisory 2024-26 CVE: CVE-2024-5688 Product: Firefox ESR Impact: high Fixed in: Firefox ESR 115.12

CVE-2024-5688 [HIGH] Mozilla Foundation Security Advisory 2024-28: CVE-2024-5688 Mozilla Foundation Security Advisory 2024-28 CVE: CVE-2024-5688 Product: Thunderbird Impact: high Fixed in: Thunderbird 115.12

CVE-2024-5688 [HIGH] Mozilla Foundation Security Advisory 2024-25: CVE-2024-5688 Mozilla Foundation Security Advisory 2024-25 CVE: CVE-2024-5688 Product: Firefox Impact: high Fixed in: Firefox 127

CVE-2024-5689 [HIGH] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-5689, CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5700, CVE-2024-5701) Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-5688) Lukas Bernhard discovered that Firefox did not properly manage memory in the JavaScript engine. An attacker could potentially exploit this issue to obtain

CVE-2024-5688 [HIGH] thunderbird vulnerabilities thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.(CVE-2024-5688, CVE-2024-5690, CVE-2024-5696, CVE-2024-5700, CVE-2024-5702) Luan Herrera discovered that Thunderbird did not properly validate the X-Frame-Options header inside sandboxed iframe. An attacker could potentially exploit this issue to bypass sandbox restrictions to open a new window. (CVE-2024-5691) Kirtikumar Anandrao Ramchandani discovered that Thunderbird did not properly track cross-origin tainting in Offscreen Canvas. An att

CVE-2024-5688 [HIGH] CWE-416 GHSA-g23m-h4v3-g2qq: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.

CVE-2024-5688 [HIGH] CVE-2024-5688: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.