Debian firefox-esr vulnerabilities

1,071 known vulnerabilities affecting debian/firefox-esr.

Total CVEs: 1,071
CISA KEV (actively exploited): 11
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125

Vulnerabilities

Page 11 of 54
CVE-2024-43097 | HIGH | CVSS 7.8 | package firefox-esr | fixed in 128.8.0esr-1~deb12u1 (bookworm) | 2024 | source: debian
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Scope: local. Status: bookworm: resolved (fixed in 128.8.0esr-1~deb12u1); bullseye: resolved (fixed in 128.8.0esr-1~deb11u1)

CVE-2024-1552 | HIGH | CVSS 7.5 | package firefox | fixed in 123.0-1 (sid) | 2024 | source: debian
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. Note: this issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: local. Status: sid: resolved (fixed in 123.0-1)

CVE-2024-5702 | HIGH | CVSS 7.5 | package firefox-esr | fixed in 115.12.0esr-1~deb12u1 (bookworm) | 2024 | source: debian
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
Scope: local. Status: bookworm: resolved (fixed in 115.12.0esr-1~deb12u1); bullseye: resolved (fixed in 115.12.0esr-1~deb11u1); forky: resolved (fixed in 115.12.0esr-1); sid: resolved (fixed in 1

CVE-2024-0743 | HIGH | CVSS 7.5 | package firefox | fixed in 122.0-1 (sid) | 2024 | source: debian
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local. Status: sid: resolved (fixed in 122.0-1)

CVE-2024-2612 | HIGH | CVSS 8.1 | package firefox | fixed in 124.0-1 (sid) | 2024 | source: debian
If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local. Status: sid: resolved (fixed in 124.0-1)

CVE-2024-0755 | HIGH | CVSS 8.8 | package firefox | fixed in 122.0-1 (sid) | 2024 | source: debian
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Scope: local. Status: sid: resolved (fixed in 12

CVE-2024-10458 | HIGH | CVSS 7.5 | package firefox | fixed in 132.0-1 (sid) | 2024 | source: debian
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local. Status: sid: resolved (fixed in 132.0-1)

CVE-2024-6604 | HIGH | CVSS 7.5 | package firefox | fixed in 128.0-1 (sid) | 2024 | source: debian
Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Scope: local. Status: sid

CVE-2024-29944 | HIGH | CVSS 8.4 | package firefox | fixed in 124.0.1-1 (sid) | 2024 | source: debian
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1.
Scope: local. Status: sid: resolved (fixed in 124.0.1-1)

CVE-2024-11699 | HIGH | CVSS 8.8 | package firefox | fixed in 133.0-1 (sid) | 2024 | source: debian
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local. Status: sid:

CVE-2024-8382 | HIGH | CVSS 8.8 | package firefox | fixed in 130.0-1 (sid) | 2024 | source: debian
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulner

CVE-2024-4367 | HIGH | CVSS 8.8 | PoC | package firefox | fixed in 126.0-1 (sid) | 2024 | source: debian
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Scope: local. Status: sid: resolved (fixed in 126.0-1)

CVE-2024-8383 | HIGH | CVSS 7.5 | package firefox | fixed in 130.0-1 (sid) | 2024 | source: debian
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could r

CVE-2024-0750 | HIGH | CVSS 8.8 | package firefox | fixed in 122.0-1 (sid) | 2024 | source: debian
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Scope: local. Status: sid: resolved (fixed in 122.0-1)

CVE-2024-7652 | HIGH | CVSS 7.5 | package firefox | fixed in 128.0-1 (sid) | 2024 | source: debian
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Scope: local. Status: sid: resolved (fixed in 128.0-1)

CVE-2024-10467 | HIGH | CVSS 8.8 | package firefox | fixed in 132.0-1 (sid) | 2024 | source: debian
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local. Status: sid:

CVE-2024-2614 | HIGH | CVSS 8.8 | package firefox | fixed in 124.0-1 (sid) | 2024 | source: debian
Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local. Status: sid: resolved (fixed in 12

CVE-2024-11697 | HIGH | CVSS 8.8 | package firefox | fixed in 133.0-1 (sid) | 2024 | source: debian
When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local. Status: sid: resolved (fixed in 133.0-1)

CVE-2024-3857 | HIGH | CVSS 7.8 | package firefox | fixed in 125.0.1-1 (sid) | 2024 | source: debian
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
Scope: local. Status: sid: resolved (fixed in 125.0.1-1)

CVE-2024-5688 | HIGH | CVSS 8.1 | package firefox | fixed in 127.0-1 (sid) | 2024 | source: debian
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Scope: local. Status: sid: resolved (fixed in 127.0-1)
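The status text in each entry records the fixed Debian package version per suite, so "is this host patched?" is a Debian version comparison, not a numeric or plain string one: 128.8.0esr-1~deb12u1 (the bookworm security update) sorts below 128.8.0esr-1 (the same upstream in unstable) because '~' sorts before everything, including end of string, while letters sort after end of string (128.8.0esr > 128.8.0). The block below is an added example, not code from the Debian tracker or from this page: a Python port of the ordering implemented by dpkg's verrevcmp(), a parser for the "suite: resolved (fixed in VERSION)" status text, and a check that lists the CVEs an installed firefox-esr version still lacks. The sample status strings are copied from the two firefox-esr entries above (including the truncated "sid: resolved (fixed in 1", which the parser skips); the installed versions and the function names are constructed for the example. On a real Debian host the authoritative comparison is `dpkg --compare-versions` and the installed version comes from `dpkg-query -W -f='${Version}' firefox-esr`. One caveat: most entries on this page are recorded against the firefox package in sid, and a firefox fix version says nothing about firefox-esr in stable, so only compare against entries for the package actually installed.

```python
import re

# Matches one "suite: resolved (fixed in VERSION)" fragment of tracker status text.
_STATUS_RE = re.compile(r"(\w+): resolved \(fixed in ([^\s)]+)\)")

# Constructed sample input: status text copied from the firefox-esr entries above.
SAMPLE_STATUS = {
    "CVE-2024-43097": "bookworm: resolved (fixed in 128.8.0esr-1~deb12u1) "
                      "bullseye: resolved (fixed in 128.8.0esr-1~deb11u1)",
    "CVE-2024-5702": "bookworm: resolved (fixed in 115.12.0esr-1~deb12u1) "
                     "bullseye: resolved (fixed in 115.12.0esr-1~deb11u1) "
                     "forky: resolved (fixed in 115.12.0esr-1) sid: resolved (fixed in 1",
}


def _isdigit(c):
    return "0" <= c <= "9"


def _order(c):
    # dpkg's character ranking: '~' sorts before everything (even end of string),
    # end of string before letters, letters before other punctuation.
    if _isdigit(c):
        return 0
    if c.isascii() and c.isalpha():
        return ord(c)
    if c == "~":
        return -1
    return ord(c) + 256 if c else 0


def _verrevcmp(a, b):
    # Port of dpkg's verrevcmp(): compare alternating non-digit and digit runs.
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not _isdigit(a[i])) or (j < len(b) and not _isdigit(b[j])):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":   # leading zeros are insignificant
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and _isdigit(a[i]) and _isdigit(b[j]):
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and _isdigit(a[i]):
            return 1            # a's numeric run is longer, so numerically larger
        if j < len(b) and _isdigit(b[j]):
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version):
    # Debian version syntax: [epoch:]upstream_version[-debian_revision]
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    upstream, _, revision = version.rpartition("-") if "-" in version else (version, "", "")
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 with the same ordering as `dpkg --compare-versions`."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    for x, y in ((ua, ub), (ra, rb)):
        c = _verrevcmp(x, y)
        if c:
            return 1 if c > 0 else -1
    return 0


def parse_fixed(status):
    """Map suite -> fixed version from tracker status text; truncated fragments are skipped."""
    return {suite: ver for suite, ver in _STATUS_RE.findall(status)}


def unpatched(status_by_cve, suite, installed):
    """CVEs whose recorded fix for `suite` is newer than the installed package version."""
    missing = []
    for cve, status in sorted(status_by_cve.items()):
        fixed = parse_fixed(status).get(suite)
        if fixed is not None and compare_versions(installed, fixed) < 0:
            missing.append((cve, fixed))
    return missing


if __name__ == "__main__":
    for ver in ("128.7.0esr-1~deb12u1", "128.8.0esr-1~deb12u1"):   # constructed installed versions
        print(ver, "on bookworm still lacks:", unpatched(SAMPLE_STATUS, "bookworm", ver))
```

With the constructed installed version 128.7.0esr-1~deb12u1 on bookworm the check reports CVE-2024-43097 as unpatched and CVE-2024-5702 as covered (128.7.0esr is above 115.12.0esr); with 128.8.0esr-1~deb12u1 it reports nothing. A `~`-suffixed stable update compares below the plain unstable version of the same upstream, which is why the suite must be matched to the right status entry rather than comparing against the sid version.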