Lucene search
MozillaCVE-2024-0746HistoryJan 23, 2024 - 2:15 p.m.
CVE-2024-0746
2024-01-2314:15:38
mozilla
web.nvd.nist.gov
50
linux
user
print preview
dialog
vulnerability
firefox
thunderbird
cve-2024-0746
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
22.9%
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Affected configurations
Node
mozillafirefoxRange<122.0
ORmozillafirefox_esrRange<115.7
ORmozillathunderbirdRange<115.7
Node
debiandebian_linuxMatch10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| debian | debian_linux | 10.0 | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "122",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
bugzilla.mozilla.org/show_bug.cgi?id=1660223
lists.debian.org/debian-lts-announce/2024/01/msg00015.html
lists.debian.org/debian-lts-announce/2024/01/msg00022.html
www.mozilla.org/security/advisories/mfsa2024-01/
www.mozilla.org/security/advisories/mfsa2024-02/
www.mozilla.org/security/advisories/mfsa2024-04/
Related
alpinelinux
alpinelinux
CVE-2024-0746
2024-01-23 14:15:38
ubuntucve
ubuntucve
CVE-2024-0746
2024-01-23 00:00:00
veracode
veracode
Denial Of Service
2024-02-03 03:04:08
redhatcve
redhatcve
CVE-2024-0746
2024-01-25 17:20:58
debiancve
debiancve
CVE-2024-0746
2024-01-23 14:15:38
nvd
nvd
CVE-2024-0746
2024-01-23 14:15:38
prion
prion
Design/Logic Flaw
2024-01-23 14:15:00
cnvd
cnvd
cvelist
cvelist
CVE-2024-0746
2024-01-23 13:48:16
nessus
nessus
Mozilla Firefox ESR < 115.7
2024-01-23 00:00:00
Mozilla Firefox ESR < 115.7
2024-01-23 00:00:00
RHEL 7 : firefox (RHSA-2024:0600)
2024-01-30 00:00:00
debian
debian
[SECURITY] [DSA 5606-1] firefox-esr security update
2024-01-24 19:18:38
[SECURITY] [DSA 5605-1] thunderbird security update
2024-01-24 18:53:24
[SECURITY] [DLA 3720-1] thunderbird security update
2024-01-25 10:49:57
osv
osv
thunderbird - security update
2024-01-24 00:00:00
thunderbird - security update
2024-01-25 00:00:00
Important: firefox security update
2024-02-12 20:17:26
rocky
rocky
firefox security update
2024-02-12 20:17:26
thunderbird security update
2024-02-12 20:17:26
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0229-1)
2024-01-26 00:00:00
Slackware: Security Advisory (SSA:2024-023-01)
2024-01-24 00:00:00
Debian: Security Advisory (DLA-3720-1)
2024-01-26 00:00:00
redhat
redhat
(RHSA-2024:0565) Important: thunderbird security update
2024-01-30 12:20:19
(RHSA-2024:0608) Important: firefox security update
2024-01-30 14:30:51
(RHSA-2024:0615) Important: firefox security update
2024-01-30 15:13:24
kaspersky
kaspersky
KLA63225 Multiple vulnerabilities in Mozilla Thunderbird
2024-01-23 00:00:00
KLA63224 Multiple vulnerabilities in Mozilla Firefox ESR
2024-01-23 00:00:00
KLA63223 Multiple vulnerabilities in Mozilla Firefox
2024-01-23 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-01-24 05:03:37
[slackware-security] mozilla-firefox
2024-01-23 20:15:17
almalinux
almalinux
Important: thunderbird security update
2024-01-30 00:00:00
Important: firefox security update
2024-01-30 00:00:00
Important: thunderbird security update
2024-01-30 00:00:00
oraclelinux
oraclelinux
firefox security update
2024-01-30 00:00:00
thunderbird security update
2024-01-30 00:00:00
firefox security update
2024-01-31 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2024-02-04 05:49:27
Updated nss and firefox packages fix some security vulnerabilities
2024-02-04 05:49:27
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.7 — Mozilla
2024-01-23 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.7 — Mozilla
2024-01-23 00:00:00
Security Vulnerabilities fixed in Firefox 122 — Mozilla
2024-01-23 00:00:00
amazon
amazon
Medium: thunderbird
2024-02-01 19:57:00
centos
centos
firefox, thunderbird security update
2024-02-05 19:24:42
ubuntu
ubuntu
Firefox vulnerabilities
2024-01-29 00:00:00
Firefox regressions
2024-02-07 00:00:00
Thunderbird vulnerabilities
2024-03-04 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2024-02-19 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2024-02-19 00:00:00
redos
redos
ROS-20240923-02
2024-09-23 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
22.9%
Related for CVE-2024-0746