CVE-2024-6606 — Out-of-bounds Read in Mozilla Firefox

CWE-125 — Out-of-bounds Read9 documents7 sources

Severity

8.2HIGHNVD

OSV4.7

EPSS

0.2%

top 59.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedJul 9

Latest updateJul 10

Description

Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:LExploitability: 2.8 | Impact: 4.7

Affected Packages5 packages

▶CVEListV5mozilla/firefoxunspecified — 128

▶NVDmozilla/firefox< 128.0

▶CVEListV5mozilla/thunderbirdunspecified — 128

▶NVDmozilla/thunderbird< 128.0

▶Ubuntumozilla/firefox< 128.0+build2-0ubuntu0.20.04.1

🔴Vulnerability Details

OSV

firefox vulnerabilities↗2024-07-10

▶

OSV

CVE-2024-6606: Clipboard code failed to check the index on an array access↗2024-07-10

▶

CVEList

Out-of-bounds read in clipboard component↗2024-07-09

▶

GHSA

GHSA-3wq7-w8r7-pmvh: Clipboard code failed to check the index on an array access↗2024-07-09

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2024-07-10

▶

Debian

CVE-2024-6606: firefox - Clipboard code failed to check the index on an array access. This could have led...↗2024

▶

Mozilla

Mozilla Foundation Security Advisory 2024-29: CVE-2024-6606↗

▶

Mozilla

Mozilla Foundation Security Advisory 2024-32: CVE-2024-6606↗

▶